Re: [gentoo-dev] [PATCH v3 00/12] GLEP 63 update - gentoo-dev

From:	"Michał Górny" <mgorny@g.o>
To:	gentoo-dev@l.g.o
Cc:	robbat2@g.o
Subject:	Re: [gentoo-dev] [PATCH v3 00/12] GLEP 63 update
Date:	Sat, 07 Jul 2018 05:50:45
Message-Id:	`1530942631.900.5.camel@gentoo.org`
In Reply to:	Re: [gentoo-dev] [PATCH v3 00/12] GLEP 63 update by Richard Yao

1

W dniu pią, 06.07.2018 o godzinie 21∶26 -0400, użytkownik Richard Yao

2

napisał:

3

> > On Jul 5, 2018, at 4:53 PM, Michał Górny <mgorny@g.o> wrote:

4

> >

5

> > Hi,

6

> >

7

> > Here's third version of the patches.  I've incorporated the feedback

8

> > so far and reordered the patches (again) to restore their

9

> > degree-of-compatibility order.  The full text is included below.

10

> >

11

> >

12

> > Michał Górny (12):

13

> >  glep-0063: Use 'OpenPGP' as appropriate

14

> >  glep-0063: RSAv4 -> OpenPGP v4 key format

15

> >  glep-0063: 'Gentoo subkey' → 'Signing subkey'

16

> >  glep-0063: Root key → primary key

17

> >  glep-0063: Split out the signing subkey into a separation point

18

> >  glep-0063: Explain minimal & recommended sections

19

> >  glep-0063: Change the recommended RSA key size to 2048 bits

20

> >  glep-0063: Allow ECC curve 25519 keys

21

> >  glep-0063: Stop recommending DSA subkeys

22

> >  glep-0063: Make 2-yearly expiration term mandatory

23

> >  glep-0063: Require renewal 2 weeks before expiration

24

> >  glep-0063: Disallow using DSA keys

25

> >

26

> > glep-0063.rst | 97 +++++++++++++++++++++++++++++++++------------------

27

> > 1 file changed, 64 insertions(+), 33 deletions(-)

28

> >

29

> >

30

> > ---

31

> > GLEP: 63

32

> > Title: Gentoo OpenPGP policies

33

> > Author: Robin H. Johnson <robbat2@g.o>,

34

> >        Andreas K. Hüttel <dilfridge@g.o>,

35

> >        Marissa Fischer <blogtodiffer@×××××.com>

36

> > Type: Standards Track

37

> > Status: Final

38

> > Version: 2

39

> > Created: 2013-02-18

40

> > Last-Modified: 2018-07-05

41

> > Post-History: 2013-11-10

42

> > Content-Type: text/x-rst

43

> > ---

44

> >

45

> > Credits

46

> > =======

47

> >

48

> > Many developers and external sources helped in this GLEP.

49

> >

50

> > Abstract

51

> > ========

52

> >

53

> > This GLEP provides both a minimum requirement and a recommended set of

54

> > OpenPGP key management policies for the Gentoo Linux distribution.

55

> >

56

> > Changes

57

> > =======

58

> >

59

> > v2

60

> >  The distinct minimal and recommended expirations have been replaced

61

> >  by a single requirement. The rules have been simplified to use

62

> >  the same time of 2 years for both the primary key and subkeys.

63

> >

64

> >  An additional rule requesting key renewal 2 weeks before expiration

65

> >  has been added. This is in order to give services and other developers time

66

> >  to refresh the key.

67

> >

68

> >  The usage of DSA keys has been disallowed.

69

> >

70

> > v1.1

71

> >  The recommended RSA key size has been changed from 4096 bits

72

> >  to 2048 bits to match the GnuPG recommendations [#GNUPG-FAQ-11-4]_.

73

> >  The larger recommendation was unjustified and resulted in people

74

> >  unnecessarily replacing their RSA-2048 keys.

75

> >

76

> >  Minimal specification has been amended to allow for ECC keys.

77

> >

78

> >  The option of using DSA subkey has been removed from recommendations.

79

> >  The section now specifies a single recommendation of using RSA.

80

> >

81

> > Motivation

82

> > ==========

83

> >

84

> > Given the increasing use and importance of cryptographic protocols in internet

85

> > transactions of any kind, unified requirements for OpenPGP keys used in Gentoo

86

> > Linux development are sorely needed.  This document provides both a set of

87

> > bare minimum requirements and a set of best practice recommendations for

88

> > the use of GnuPG (or other OpenPGP providers) by Gentoo Linux developers.

89

> > It is intended to provide a basis for future improvements such as, e.g.,

90

> > consistent ebuild or package signing and verifying by end users.

91

> >

92

> > Specifications for OpenPGP keys

93

> > ===============================

94

> >

95

> > Bare minimum requirements

96

> > -------------------------

97

> > This section specifies obligatory requirements for all OpenPGP keys used

98

> > to commit to Gentoo. Keys that do not conform to those requirements can

99

> > not be used to commit.

100

> >

101

> > 1. SHA2-series output digest (SHA1 digests internally permitted),

102

> >   256bit or more::

103

> >

104

> >       personal-digest-preferences SHA256

105

> >

106

> > 2. Signing subkey that is different from the primary key, and does not

107

> >   have any other capabilities enabled.

108

> >

109

> > 3. Primary key and the signing subkey are both of type EITHER:

110

> >

111

> >   a. RSA, >=2048 bits (OpenPGP v4 key format or later only)

112

> >

113

> >   b. ECC curve 25519

114

> >

115

> > 4. Expiration date on key and all subkeys set to at most 2 years

116

> >

117

> > 5. Key expiration date renewed at least 2 weeks before the previous

118

> >   expiration date.

119

> >

120

> > 6. Upload your key to the SKS keyserver rotation before usage!

121

> >

122

> > Recommendations

123

> > ---------------

124

> > This section specifies the best practices for Gentoo developers.

125

> > The developers should follow those practices unless there is a strong

126

> > technical reason not to (e.g. hardware limitations, necessity of replacing

127

> > their primary key).

128

> >

129

> > 1. Copy ``/usr/share/gnupg/gpg-conf.skel`` to ``~/.gnupg/gpg.conf``, append

130

> >   the following block::

131

>

132

> That file no longer exists.

133

> >

134

> >       keyserver pool.sks-keyservers.net

135

>

136

> This is less secure than the default according to K_F in #gentoo-infra.

137

> >

138

> >       emit-version

139

>

140

> K_F indicated that this harms security too.

141

> >

142

> >       default-recipient-self

143

> >

144

> >       # -- All of the below portion from the RiseUp.net OpenPGP best practices, and

145

> >       # -- many of them are also in the Debian GPG documentation.

146

> >

147

> >       # when outputting certificates, view user IDs distinctly from keys:

148

> >       fixed-list-mode

149

> >

150

> >       # long keyids are more collision-resistant than short keyids (it's trivial to make a key

151

> >       # with any desired short keyid)

152

> >       # NOTE: this breaks kmail gnupg support!

153

> >       keyid-format 0xlong

154

>

155

> This makes the key ids shorter. ^_^;;

156

> >

157

> >       # when multiple digests are supported by all recipients, choose the strongest one:

158

> >       personal-digest-preferences SHA512 SHA384 SHA256 SHA224

159

> >

160

> >       # preferences chosen for new keys should prioritize stronger algorithms:

161

> >       default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 BZIP2 ZLIB ZIP Uncompressed

162

> >

163

> >       # If you use a graphical environment (and even if you don't) you should be using an agent:

164

> >       # (similar arguments as  https://www.debian-administration.org/users/dkg/weblog/64)

165

> >       use-agent

166

> >

167

> >       # You should always know at a glance which User IDs gpg thinks are legitimately bound to

168

> >       # the keys in your keyring:

169

> >       verify-options show-uid-validity

170

> >       list-options show-uid-validity

171

> >

172

> >       # include an unambiguous indicator of which key made a signature:

173

> >       # (see http://thread.gmane.org/gmane.mail.notmuch.general/3721/focus=7234)

174

> >       # (and http://www.ietf.org/mail-archive/web/openpgp/current/msg00405.html)

175

> >       sig-notation issuer-fpr@×××××××××××××××××××××××××××××××.net=%g

176

> >

177

> >       # when making an OpenPGP certification, use a stronger digest than the default SHA1:

178

> >       cert-digest-algo SHA256

179

>

180

> Could we just drop the recommended gpg.conf? Many of these suggestions are outdated.

181

> >

182

183

I didn't like it either but didn't want to spent time updating it. 

184

Dropping completely works for me.  Done in v4.

185

186

--

187

Best regards,

188

Michał Górny

Gentoo Archives: gentoo-dev

Attachments

1	W dniu pią, 06.07.2018 o godzinie 21∶26 -0400, użytkownik Richard Yao
2	napisał:
3	> > On Jul 5, 2018, at 4:53 PM, Michał Górny <mgorny@g.o> wrote:
4	> >
5	> > Hi,
6	> >
7	> > Here's third version of the patches. I've incorporated the feedback
8	> > so far and reordered the patches (again) to restore their
9	> > degree-of-compatibility order. The full text is included below.
10	> >
11	> >
12	> > Michał Górny (12):
13	> > glep-0063: Use 'OpenPGP' as appropriate
14	> > glep-0063: RSAv4 -> OpenPGP v4 key format
15	> > glep-0063: 'Gentoo subkey' → 'Signing subkey'
16	> > glep-0063: Root key → primary key
17	> > glep-0063: Split out the signing subkey into a separation point
18	> > glep-0063: Explain minimal & recommended sections
19	> > glep-0063: Change the recommended RSA key size to 2048 bits
20	> > glep-0063: Allow ECC curve 25519 keys
21	> > glep-0063: Stop recommending DSA subkeys
22	> > glep-0063: Make 2-yearly expiration term mandatory
23	> > glep-0063: Require renewal 2 weeks before expiration
24	> > glep-0063: Disallow using DSA keys
25	> >
26	> > glep-0063.rst \| 97 +++++++++++++++++++++++++++++++++------------------
27	> > 1 file changed, 64 insertions(+), 33 deletions(-)
28	> >
29	> >
30	> > ---
31	> > GLEP: 63
32	> > Title: Gentoo OpenPGP policies
33	> > Author: Robin H. Johnson <robbat2@g.o>,
34	> > Andreas K. Hüttel <dilfridge@g.o>,
35	> > Marissa Fischer <blogtodiffer@×××××.com>
36	> > Type: Standards Track
37	> > Status: Final
38	> > Version: 2
39	> > Created: 2013-02-18
40	> > Last-Modified: 2018-07-05
41	> > Post-History: 2013-11-10
42	> > Content-Type: text/x-rst
43	> > ---
44	> >
45	> > Credits
46	> > =======
47	> >
48	> > Many developers and external sources helped in this GLEP.
49	> >
50	> > Abstract
51	> > ========
52	> >
53	> > This GLEP provides both a minimum requirement and a recommended set of
54	> > OpenPGP key management policies for the Gentoo Linux distribution.
55	> >
56	> > Changes
57	> > =======
58	> >
59	> > v2
60	> > The distinct minimal and recommended expirations have been replaced
61	> > by a single requirement. The rules have been simplified to use
62	> > the same time of 2 years for both the primary key and subkeys.
63	> >
64	> > An additional rule requesting key renewal 2 weeks before expiration
65	> > has been added. This is in order to give services and other developers time
66	> > to refresh the key.
67	> >
68	> > The usage of DSA keys has been disallowed.
69	> >
70	> > v1.1
71	> > The recommended RSA key size has been changed from 4096 bits
72	> > to 2048 bits to match the GnuPG recommendations [#GNUPG-FAQ-11-4]_.
73	> > The larger recommendation was unjustified and resulted in people
74	> > unnecessarily replacing their RSA-2048 keys.
75	> >
76	> > Minimal specification has been amended to allow for ECC keys.
77	> >
78	> > The option of using DSA subkey has been removed from recommendations.
79	> > The section now specifies a single recommendation of using RSA.
80	> >
81	> > Motivation
82	> > ==========
83	> >
84	> > Given the increasing use and importance of cryptographic protocols in internet
85	> > transactions of any kind, unified requirements for OpenPGP keys used in Gentoo
86	> > Linux development are sorely needed. This document provides both a set of
87	> > bare minimum requirements and a set of best practice recommendations for
88	> > the use of GnuPG (or other OpenPGP providers) by Gentoo Linux developers.
89	> > It is intended to provide a basis for future improvements such as, e.g.,
90	> > consistent ebuild or package signing and verifying by end users.
91	> >
92	> > Specifications for OpenPGP keys
93	> > ===============================
94	> >
95	> > Bare minimum requirements
96	> > -------------------------
97	> > This section specifies obligatory requirements for all OpenPGP keys used
98	> > to commit to Gentoo. Keys that do not conform to those requirements can
99	> > not be used to commit.
100	> >
101	> > 1. SHA2-series output digest (SHA1 digests internally permitted),
102	> > 256bit or more::
103	> >
104	> > personal-digest-preferences SHA256
105	> >
106	> > 2. Signing subkey that is different from the primary key, and does not
107	> > have any other capabilities enabled.
108	> >
109	> > 3. Primary key and the signing subkey are both of type EITHER:
110	> >
111	> > a. RSA, >=2048 bits (OpenPGP v4 key format or later only)
112	> >
113	> > b. ECC curve 25519
114	> >
115	> > 4. Expiration date on key and all subkeys set to at most 2 years
116	> >
117	> > 5. Key expiration date renewed at least 2 weeks before the previous
118	> > expiration date.
119	> >
120	> > 6. Upload your key to the SKS keyserver rotation before usage!
121	> >
122	> > Recommendations
123	> > ---------------
124	> > This section specifies the best practices for Gentoo developers.
125	> > The developers should follow those practices unless there is a strong
126	> > technical reason not to (e.g. hardware limitations, necessity of replacing
127	> > their primary key).
128	> >
129	> > 1. Copy ``/usr/share/gnupg/gpg-conf.skel`` to ``~/.gnupg/gpg.conf``, append
130	> > the following block::
131	>
132	> That file no longer exists.
133	> >
134	> > keyserver pool.sks-keyservers.net
135	>
136	> This is less secure than the default according to K_F in #gentoo-infra.
137	> >
138	> > emit-version
139	>
140	> K_F indicated that this harms security too.
141	> >
142	> > default-recipient-self
143	> >
144	> > # -- All of the below portion from the RiseUp.net OpenPGP best practices, and
145	> > # -- many of them are also in the Debian GPG documentation.
146	> >
147	> > # when outputting certificates, view user IDs distinctly from keys:
148	> > fixed-list-mode
149	> >
150	> > # long keyids are more collision-resistant than short keyids (it's trivial to make a key
151	> > # with any desired short keyid)
152	> > # NOTE: this breaks kmail gnupg support!
153	> > keyid-format 0xlong
154	>
155	> This makes the key ids shorter. ^_^;;
156	> >
157	> > # when multiple digests are supported by all recipients, choose the strongest one:
158	> > personal-digest-preferences SHA512 SHA384 SHA256 SHA224
159	> >
160	> > # preferences chosen for new keys should prioritize stronger algorithms:
161	> > default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 BZIP2 ZLIB ZIP Uncompressed
162	> >
163	> > # If you use a graphical environment (and even if you don't) you should be using an agent:
164	> > # (similar arguments as https://www.debian-administration.org/users/dkg/weblog/64)
165	> > use-agent
166	> >
167	> > # You should always know at a glance which User IDs gpg thinks are legitimately bound to
168	> > # the keys in your keyring:
169	> > verify-options show-uid-validity
170	> > list-options show-uid-validity
171	> >
172	> > # include an unambiguous indicator of which key made a signature:
173	> > # (see http://thread.gmane.org/gmane.mail.notmuch.general/3721/focus=7234)
174	> > # (and http://www.ietf.org/mail-archive/web/openpgp/current/msg00405.html)
175	> > sig-notation issuer-fpr@×××××××××××××××××××××××××××××××.net=%g
176	> >
177	> > # when making an OpenPGP certification, use a stronger digest than the default SHA1:
178	> > cert-digest-algo SHA256
179	>
180	> Could we just drop the recommended gpg.conf? Many of these suggestions are outdated.
181	> >
182
183	I didn't like it either but didn't want to spent time updating it.
184	Dropping completely works for me. Done in v4.
185
186	--
187	Best regards,
188	Michał Górny