1 |
W dniu śro, 04.07.2018 o godzinie 12∶23 +0200, użytkownik Michał Górny |
2 |
napisał: |
3 |
> Hi, everyone. |
4 |
> |
5 |
> Following comments and other discussion, here's a bigger patch set |
6 |
> that updates GLEP 63 to v2. |
7 |
|
8 |
And of course I forgot to include the full text. Here it is: |
9 |
|
10 |
--- |
11 |
GLEP: 63 |
12 |
Title: Gentoo OpenPGP policies |
13 |
Author: Robin H. Johnson <robbat2@g.o>, |
14 |
Andreas K. Hüttel <dilfridge@g.o>, |
15 |
Marissa Fischer <blogtodiffer@×××××.com> |
16 |
Type: Standards Track |
17 |
Status: Final |
18 |
Version: 2 |
19 |
Created: 2013-02-18 |
20 |
Last-Modified: 2018-07-04 |
21 |
Post-History: 2013-11-10 |
22 |
Content-Type: text/x-rst |
23 |
--- |
24 |
|
25 |
Credits |
26 |
======= |
27 |
|
28 |
Many developers and external sources helped in this GLEP. |
29 |
|
30 |
Abstract |
31 |
======== |
32 |
|
33 |
This GLEP provides both a minimum requirement and a recommended set of |
34 |
OpenPGP key management policies for the Gentoo Linux distribution. |
35 |
|
36 |
Changes |
37 |
======= |
38 |
|
39 |
v2 |
40 |
The recommended key expiration rules have been moved to the minimal |
41 |
specification. Changing the expiration date of existing keys is possible |
42 |
in-place so there is no need to provide for transitional 'minimum' value. |
43 |
|
44 |
An additional rule requesting key renewal 2 weeks before expiration |
45 |
has been added. This is in order to give services and other developers time |
46 |
to refresh the key. |
47 |
|
48 |
The usage of DSA keys has been disallowed. |
49 |
|
50 |
v1.1 |
51 |
The recommended RSA key size has been changed from 4096 bits |
52 |
to 2048 bits to match the GnuPG recommendations [#GNUPG-FAQ-11-4]_. |
53 |
The larger recommendation was unjustified and resulted in people |
54 |
unnecessarily replacing their RSA-2048 keys. |
55 |
|
56 |
Minimal specification has been amended to allow for ECC keys. |
57 |
|
58 |
The option of using DSA subkey has been removed from recommendations. |
59 |
The section now specifies a single recommendation of using RSA. |
60 |
|
61 |
Motivation |
62 |
========== |
63 |
|
64 |
Given the increasing use and importance of cryptographic protocols in internet |
65 |
transactions of any kind, unified requirements for OpenPGP keys used in Gentoo |
66 |
Linux development are sorely needed. This document provides both a set of |
67 |
bare minimum requirements and a set of best practice recommendations for |
68 |
the use of GnuPG (or other OpenPGP providers) by Gentoo Linux developers. |
69 |
It is intended to provide a basis for future improvements such as, e.g., |
70 |
consistent ebuild or package signing and verifying by end users. |
71 |
|
72 |
Specifications for OpenPGP keys |
73 |
=============================== |
74 |
|
75 |
Bare minimum requirements |
76 |
------------------------- |
77 |
This section specifies obligatory requirements for all OpenPGP keys used |
78 |
to commit to Gentoo. Keys that do not conform to those requirements can |
79 |
not be used to commit. |
80 |
|
81 |
1. SHA2-series output digest (SHA1 digests internally permitted), |
82 |
256bit or more:: |
83 |
|
84 |
personal-digest-preferences SHA256 |
85 |
|
86 |
2. Primary key and a dedicated signing subkey, both of EITHER: |
87 |
|
88 |
a. RSA, >=2048 bits (OpenPGP v4 key format or later only) |
89 |
|
90 |
b. ECC, curve 25519 |
91 |
|
92 |
3. Key expiration: |
93 |
|
94 |
a. Primary key: 3 years maximum |
95 |
|
96 |
b. Gentoo subkey: 1 year maximum |
97 |
|
98 |
4. Key expiration date renewed at least 2 weeks before the previous |
99 |
expiration date. |
100 |
|
101 |
5. Upload your key to the SKS keyserver rotation before usage! |
102 |
|
103 |
Recommendations |
104 |
--------------- |
105 |
This section specifies the best practices for Gentoo developers. |
106 |
The developers should follow those practices unless there is a strong |
107 |
technical reason not to (e.g. hardware limitations, necessity of replacing |
108 |
their primary key). |
109 |
|
110 |
1. Copy ``/usr/share/gnupg/gpg-conf.skel`` to ``~/.gnupg/gpg.conf``, append |
111 |
the following block:: |
112 |
|
113 |
keyserver pool.sks-keyservers.net |
114 |
|
115 |
emit-version |
116 |
|
117 |
default-recipient-self |
118 |
|
119 |
# -- All of the below portion from the RiseUp.net OpenPGP best practices, and |
120 |
# -- many of them are also in the Debian GPG documentation. |
121 |
|
122 |
# when outputting certificates, view user IDs distinctly from keys: |
123 |
fixed-list-mode |
124 |
|
125 |
# long keyids are more collision-resistant than short keyids (it's trivial to make a key |
126 |
# with any desired short keyid) |
127 |
# NOTE: this breaks kmail gnupg support! |
128 |
keyid-format 0xlong |
129 |
|
130 |
# when multiple digests are supported by all recipients, choose the strongest one: |
131 |
personal-digest-preferences SHA512 SHA384 SHA256 SHA224 |
132 |
|
133 |
# preferences chosen for new keys should prioritize stronger algorithms: |
134 |
default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 BZIP2 ZLIB ZIP Uncompressed |
135 |
|
136 |
# If you use a graphical environment (and even if you don't) you should be using an agent: |
137 |
# (similar arguments as https://www.debian-administration.org/users/dkg/weblog/64) |
138 |
use-agent |
139 |
|
140 |
# You should always know at a glance which User IDs gpg thinks are legitimately bound to |
141 |
# the keys in your keyring: |
142 |
verify-options show-uid-validity |
143 |
list-options show-uid-validity |
144 |
|
145 |
# include an unambiguous indicator of which key made a signature: |
146 |
# (see http://thread.gmane.org/gmane.mail.notmuch.general/3721/focus=7234) |
147 |
# (and http://www.ietf.org/mail-archive/web/openpgp/current/msg00405.html) |
148 |
sig-notation issuer-fpr@×××××××××××××××××××××××××××××××.net=%g |
149 |
|
150 |
# when making an OpenPGP certification, use a stronger digest than the default SHA1: |
151 |
cert-digest-algo SHA256 |
152 |
|
153 |
2. Primary key and a dedicated signing subkey, both of type RSA, 2048 bits |
154 |
(OpenPGP v4 key format or later) |
155 |
|
156 |
3. Key expiration renewal: |
157 |
|
158 |
a. Primary key: annual |
159 |
|
160 |
b. Gentoo subkey: every 6 months |
161 |
|
162 |
4. Create a revocation certificate & store it hardcopy offsite securely |
163 |
(it's about ~300 bytes). |
164 |
|
165 |
5. Encrypted backup of your secret keys. |
166 |
|
167 |
Gentoo LDAP |
168 |
=========== |
169 |
|
170 |
All Gentoo developers must list the complete fingerprint for their primary |
171 |
keys in the "``gpgfingerprint``" LDAP field. It must be exactly 40 hex digits, |
172 |
uppercase, with optional spaces every 8 hex digits. Regular expression for |
173 |
validation:: |
174 |
|
175 |
^([[:space:]]*[[:xdigit:]]{8}){5}$ |
176 |
|
177 |
The prior "``gpgkey``" field will be removed, as it is a subset |
178 |
of the fingerprint field. In any place that presently displays |
179 |
the "``gpgkey``" field, the last 16 hex digits of the fingerprint should |
180 |
be displayed instead. |
181 |
|
182 |
Backwards Compatibility |
183 |
======================= |
184 |
|
185 |
There is no consistent standard for GPG usage in Gentoo to date. There is |
186 |
conflicting information in the Devmanual [#DEVMANUAL-MANIFEST]_ and the GnuPG |
187 |
Gentoo user guide [#GNUPG-USER]_. As there is little enforcement of Manifest |
188 |
signing and very little commit signing to date, there are no backwards |
189 |
compatibility concerns. |
190 |
|
191 |
External documentation |
192 |
====================== |
193 |
|
194 |
Much of the above was driven by the following: |
195 |
|
196 |
* NIST SP 800-57 recommendations [#NISTSP800571]_, [#NISTSP800572]_ |
197 |
|
198 |
* Debian GPG documentation [#DEBIANGPG]_ |
199 |
|
200 |
* RiseUp.net OpenPGP best practices [#RISEUP]_ |
201 |
|
202 |
* ENISA Algorithms, Key Sizes and Parameters Report 2013 [#ENISA2013]_ |
203 |
|
204 |
References |
205 |
========== |
206 |
|
207 |
.. [#GNUPG-FAQ-11-4] GnuPG FAQ: Why doesn’t GnuPG default to using RSA-4096? |
208 |
(https://www.gnupg.org/faq/gnupg-faq.html#no_default_of_rsa4096) |
209 |
|
210 |
.. [#DEBIANGPG] Debian GPG documentation |
211 |
(https://wiki.debian.org/Keysigning) |
212 |
|
213 |
.. [#EKAIA] Ana's blog: Creating a new GPG key |
214 |
(http://ekaia.org/blog/2009/05/10/creating-new-gpgkey/) |
215 |
|
216 |
.. [#RISEUP] RiseUp.net OpenPGP best practices |
217 |
(https://help.riseup.net/en/security/message-security/openpgp/best-practices) |
218 |
|
219 |
.. [#DEVMANUAL-MANIFEST] Gentoo Development Guide: Manifest |
220 |
(http://devmanual.gentoo.org/general-concepts/manifest/index.html) |
221 |
|
222 |
.. [#GNUPG-USER] GnuPG Gentoo User Guide |
223 |
(http://www.gentoo.org/doc/en/gnupg-user.xml) |
224 |
|
225 |
.. [#NISTSP800571] NIST SP 800-57: Recommendation for Key Management: |
226 |
Part 1: General (Revision 3) |
227 |
(http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57_part1_rev3_general.pdf) |
228 |
|
229 |
.. [#NISTSP800572] NIST SP 800-57: Recommendation for Key Management: |
230 |
Part 2: Best Practices for Key Management Organization |
231 |
(http://csrc.nist.gov/publications/nistpubs/800-57/SP800-57-Part2.pdf) |
232 |
|
233 |
.. [#ISSUER-ANNOTATE] Including the entire fingerprint of the issuer |
234 |
in an OpenPGP certification |
235 |
(http://thread.gmane.org/gmane.mail.notmuch.general/3721/focus=7234) |
236 |
|
237 |
.. [#ENISA2013] ENISA Algorithms, Key Sizes and Parameters Report, |
238 |
2013 recommendations, version 1.0 (October 2013) |
239 |
(https://www.enisa.europa.eu/activities/identity-and-trust/library/deliverables/algorithms-key-sizes-and-parameters-report) |
240 |
|
241 |
Copyright |
242 |
========= |
243 |
Copyright (c) 2013 by Robin Hugh Johnson, Andreas K. Hüttel, Marissa Fischer. |
244 |
|
245 |
This work is licensed under the Creative Commons Attribution-ShareAlike 3.0 |
246 |
Unported License. To view a copy of this license, visit |
247 |
http://creativecommons.org/licenses/by-sa/3.0/. |
248 |
|
249 |
-- |
250 |
Best regards, |
251 |
Michał Górny |