| 1 |
Hi all, |
| 2 |
|
| 3 |
I've been asked a couple of times in IRC and other mediums, about what |
| 4 |
GPG key settings etc to use. I would not not call these final yet, but should |
| 5 |
be fairly close to final. |
| 6 |
|
| 7 |
This was originally intended to be part of the tree-signing GLEP series, but |
| 8 |
was in one of the unpublished ones (GLEPxx+3 in the references). I guess if |
| 9 |
there are no major objections to the below, I'll finalize them into the GLEP. |
| 10 |
This will replace the conflicting information in: |
| 11 |
http://devmanual.gentoo.org/general-concepts/manifest/index.html |
| 12 |
http://www.gentoo.org/doc/en/gnupg-user.xml |
| 13 |
|
| 14 |
The following is based on: |
| 15 |
- NIST SP 800-57 recommendations |
| 16 |
- Debian GPG documentation |
| 17 |
- RiseUp.net OpenPGP best practices. |
| 18 |
|
| 19 |
Bare minimum requirements: |
| 20 |
-------------------------- |
| 21 |
1. SHA2-series output digest (SHA1 digests internally permitted). |
| 22 |
"personal-digest-preferences SHA256" |
| 23 |
2. root key & signing subkey of EITHER: |
| 24 |
2.1. DSA, 1024 or 2048 bits |
| 25 |
2.2. RSA, >=2048 bits |
| 26 |
3. Key expiry: 5 years. |
| 27 |
|
| 28 |
Recommendations: |
| 29 |
---------------- |
| 30 |
1. SHA2-series digest on output & certifications: |
| 31 |
"personal-digest-preferences SHA256" |
| 32 |
"cert-digest-algo SHA256" |
| 33 |
2. Root key type of RSA, 4096 bits |
| 34 |
2.1. This may require creating an entirely new key. |
| 35 |
3. Dedicated Gentoo signing subkey of EITHER: |
| 36 |
3.1. DSA 2048 bits |
| 37 |
3.2. RSA 4096 bits |
| 38 |
4. Key expiry: |
| 39 |
4.1. Root key: 3 year max. |
| 40 |
4.2. Gentoo subkey: 1 year max. |
| 41 |
5. Create a revocation certificate & store it hardcopy offsite securely |
| 42 |
(it's about ~300 bytes). |
| 43 |
6. Encrypted backup of your secret keys. |
| 44 |
7. In your gpg.conf: |
| 45 |
# include an unambiguous indicator of which key made a signature: |
| 46 |
# (see http://thread.gmane.org/gmane.mail.notmuch.general/3721/focus=7234) |
| 47 |
sig-notation issuer-fpr@×××××××××××××××××××××××××××××××.net=%g |
| 48 |
|
| 49 |
Notes/FAQ: |
| 50 |
---------- |
| 51 |
1. "Ok, so how do I follow this?" |
| 52 |
http://ekaia.org/blog/2009/05/10/creating-new-gpgkey/ |
| 53 |
http://keyring.debian.org/creating-key.html |
| 54 |
2. "How can I be really sure/paranoid enough?" |
| 55 |
https://we.riseup.net/riseuplabs+paow/openpgp-best-practices |
| 56 |
3. Every 3-6 months, and/or before key expiry and major keysigning |
| 57 |
events, you should update your key expiry date with the 'expire' |
| 58 |
command (remember to do all subkeys). Put it on your calendar! |
| 59 |
4. If you intend to sign on a slow alternative-arch, you may find adding |
| 60 |
a DSA1024 subkey significantly speeds up the signing. |
| 61 |
5. Can you give me a full ~/.gnupg/gpg.conf file? |
| 62 |
=== |
| 63 |
# -- robbat2's recommendations: |
| 64 |
keyserver pool.sks-keyservers.net |
| 65 |
emit-version |
| 66 |
default-recipient-self |
| 67 |
# -- All of the below portion from the RiseUp.net OpenPGP best practices, and |
| 68 |
# -- many of them are also in the Debian GPG documentation. |
| 69 |
# when outputting certificates, view user IDs distinctly from keys: |
| 70 |
fixed-list-mode |
| 71 |
# long keyids are more collision-resistant than short keyids (it's trivial to make a key with any desired short keyid) |
| 72 |
keyid-format 0xlong |
| 73 |
# when multiple digests are supported by all recipients, choose the strongest one: |
| 74 |
personal-digest-preferences SHA512 SHA384 SHA256 SHA224 |
| 75 |
# preferences chosen for new keys should prioritize stronger algorithms: |
| 76 |
default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 BZIP2 ZLIB ZIP Uncompressed |
| 77 |
# If you use a graphical environment (and even if you don't) you should be using an agent: |
| 78 |
# (similar arguments as https://www.debian-administration.org/users/dkg/weblog/64) |
| 79 |
use-agent |
| 80 |
# You should always know at a glance which User IDs gpg thinks are legitimately bound to the keys in your keyring: |
| 81 |
verify-options show-uid-validity |
| 82 |
list-options show-uid-validity |
| 83 |
# include an unambiguous indicator of which key made a signature: |
| 84 |
# (see http://thread.gmane.org/gmane.mail.notmuch.general/3721/focus=7234) |
| 85 |
sig-notation issuer-fpr@×××××××××××××××××××××××××××××××.net=%g |
| 86 |
# when making an OpenPGP certification, use a stronger digest than the default SHA1: |
| 87 |
cert-digest-algo SHA256 |
| 88 |
=== |
| 89 |
|
| 90 |
-- |
| 91 |
Robin Hugh Johnson |
| 92 |
Gentoo Linux: Developer, Trustee & Infrastructure Lead |
| 93 |
E-Mail : robbat2@g.o |
| 94 |
GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85 |
Archives