savannah-hackers

Re: [Savannah-hackers] Feature suggestion: GPG key exchange


From: Joel N. Weber II
Subject: Re: [Savannah-hackers] Feature suggestion: GPG key exchange
Date: Mon, 12 Nov 2001 20:25:08 -0500

   > Just a suggestion, but now that savannah is fairly well established
   > for all GNU project hackers it might be a good idea to add a store for
   > a public GPG key for each developer.

   or just run a keyserver.  keyserver.gnu.org  or something like that.

   Any takers?

We discussed this to death in February; people should go read
/com/archive/sysadmin-volunteers.older.archives/sysadmin-volunteers.end010301.gz
on fencepost.

To summarize:

Mark Weaver seemed to be against doing this, or at least, he didn't
seem to see a lot of value in it.  His argument is that since the
protocol you use to connect to a keyserver isn't secure, you still
have to have some way of verifying the fingerprint.  Implied by his
argument is that there are presumably other people already doing an
adequate job of running keyservers.

Part of what bkuhn wrote (I'm not entirely certain that this captures
all of what he was trying to say, though), is:

   I think it *is* still useful for us to run a keyserver for GNU.  That way,
   if people need a key from a maintainer, they always know where to go.  It
   makes it easier for users, I think.
   
   Of course, we will widely publish that we don't expect people to simply
   accept the key because it came from the server.  Similar to Debian---we'd
   have a strict key signing policy, but a public keyserver to make key
   exchange easier.

Part of my reaction to that is that if people get keys from a
keyserver that isn't the GNU keyserver, they will be more likely to be
appropriately skeptical.  And I assume that there are some well-known
keyservers for GPG keys, and people can presumably make sure that GNU
maintainer keys appear on all of those.

I'm very concerned that if we had a mechanism for listing keys on
savannah that people would trust it more than they should.  Given that
anyone who can intercept your email can hijack your savannah account,
it's sort of pointless.

(It also appears that in February bkuhn said that he wanted to see a
keyserver appear, but nobody was found who was willing and able to
make it happen.)

Of course, another thing I'm puzzled by is why people are so concerned
about making it easy for people to get maintainer keys when mirrors of
ftp.gnu.org and www.gnu.org haven't been able to reliably rsync in
many weeks.  I think we have no business thinking about adding
non-essential services until we have the basics working properly.
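Editor's note: the argument above is that a key fetched from a keyserver over an insecure channel proves nothing by itself, and the fingerprint still has to be checked against a copy obtained some other way. The following is an added example, not code from the thread or from Savannah, showing what that check consists of: it computes an OpenPGP v4 fingerprint (SHA-1 over 0x99, a two-octet length, and the public-key packet body, as in RFC 4880 section 12.2) for a constructed sample key packet, and compares it with a fingerprint the reader is assumed to have obtained out of band. The key material is a placeholder, not a real maintainer key, and the helper names are my own.

```python
import hashlib
import hmac
import struct


def mpi(value: int) -> bytes:
    """Encode an integer as an OpenPGP multi-precision integer (RFC 4880 s3.2)."""
    bits = value.bit_length()
    return struct.pack(">H", bits) + value.to_bytes((bits + 7) // 8, "big")


def build_v4_rsa_key_body(creation_time: int, n: int, e: int) -> bytes:
    """Build a version-4 RSA public-key packet body (RFC 4880 s5.5.2).

    Constructed sample: n and e are placeholder numbers, not a usable key.
    Only the packet layout matters for computing the fingerprint.
    """
    return (bytes([4])                         # version 4
            + struct.pack(">I", creation_time)  # key creation time (seconds since epoch)
            + bytes([1])                        # public-key algorithm 1 = RSA
            + mpi(n) + mpi(e))


def openpgp_v4_fingerprint(key_body: bytes) -> str:
    """v4 fingerprint: SHA-1 over 0x99 || two-octet body length || body (RFC 4880 s12.2)."""
    digest = hashlib.sha1(b"\x99" + struct.pack(">H", len(key_body)) + key_body)
    return digest.hexdigest().upper()


def format_fingerprint(fp_hex: str) -> str:
    """Render 40 hex digits the way gpg prints them: groups of four, wider gap in the middle."""
    groups = [fp_hex[i:i + 4] for i in range(0, 40, 4)]
    return " ".join(groups[:5]) + "  " + " ".join(groups[5:])


def fingerprint_matches(key_body: bytes, expected_fingerprint: str) -> bool:
    """Check a key obtained over an untrusted channel against a fingerprint obtained out of band.

    expected_fingerprint is the 40-hex-digit value read from a business card, a signed
    announcement, or the maintainer in person; spaces and case are ignored.
    """
    expected = expected_fingerprint.replace(" ", "").upper()
    if len(expected) != 40:
        return False
    return hmac.compare_digest(openpgp_v4_fingerprint(key_body), expected)


# Constructed sample keys (hypothetical values, not real maintainer keys).
GENUINE_KEY = build_v4_rsa_key_body(1005600000, n=(0xC0FFEE << 100) + 1, e=65537)
# Same creation time and exponent, different modulus: what a substituted key
# served by an untrusted keyserver would look like to someone who skips the check.
SUBSTITUTED_KEY = build_v4_rsa_key_body(1005600000, n=(0xC0FFEE << 100) + 2, e=65537)


if __name__ == "__main__":
    # Stands in for the fingerprint the user already holds from an independent source.
    trusted_fp = openpgp_v4_fingerprint(GENUINE_KEY)
    print("trusted fingerprint:     ", format_fingerprint(trusted_fp))
    print("genuine key accepted:    ", fingerprint_matches(GENUINE_KEY, trusted_fp))
    print("substituted key accepted:", fingerprint_matches(SUBSTITUTED_KEY, trusted_fp))
```

The point of the example is the last line: two keys with the same creation time, algorithm and exponent differ in fingerprint, so a key swapped in transit fails the comparison, which is the check that the keyserver's transport cannot replace.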
