[Cryptography] Subject: OpenPGP and trust

Stuart Longland stuartl at longlandclan.yi.org
Sun Mar 30 03:13:36 EDT 2014 

On Sat, 29 Mar 2014 21:03:13 -0400, Arnold Reinhold wrote:

> On Sat, 29 Mar 2014 11:43 Stuart Longland wrote:
> ...
>> I'm looking at ways in which I can authenticate users, and the
>> automatic agents they might be responsible for, in a distributed
>> manner.  In particular, I'm thinking of the amateur radio world but the
>> situation is applicable elsewhere too.
> 
> First, as I understand things, the prohibition on encryption in Amateur
> Radio under International Radio Regulations and US FCC regulations does
> not apply to authentication. They both say  "Transmissions between
> amateur stations ... shall not be encoded for the purpose of obscuring
> their meaning ..."
> 
> The US Amateur Radio Relay League (ARRL) filed a lengthly brief with the
> FCC opposing a petition to allow encryption, on the grounds it was
> harmful and unnecessary.
> http://apps.fcc.gov/ecfs/document/view?id=7520928844
> 
> Section IV of the brief specifically covers authentication...
[snip]
> 
> I have no idea if the Australian authorities take the same view, but I
> imagine you would have a strong argument for such an interpretation.

The Amateur License Conditions Determination has a similar provision:

"(3A) The licensee must not operate an amateur station to transmit 
signals that are
encoded for the purpose of obscuring the meaning of the signals, except 
for:
(a) signals exchanged between an amateur station and a space station in
the amateur satellite service for the purpose of controlling the operation
of the space station; and
(b) signals exchanged between an amateur station and an unattended
amateur station for the purpose of controlling the operation of the
unattended amateur station; and
(c) intercommunications when participating in emergency services
operations or related training exercises."

So for (b), we're even allowed encryption.  However my intent isn't to
obscure meaning, just to prove who said what.

If I were to write some software for doing this, it'd be defaulting to 
sign-only keys, with the advice that you *only* use an encryption-capable 
key (e.g. RSA, or DSA+Elgamal) if you partake in activities that would be 
classified as "emergency services operations/training exercises".

> Second, I would ask what kind of system you would set up in the good old
> days before electronic signatures? I imagine you might make a list of
> people authorized to use the facilities, a separate list of those
> authorized to make changes and finally a list of people authorized to
> issue authorization, the last perhaps the governing board or owner of
> the organization.  You might have reciprocal use privileges with another
> organization, but would expect members with change privileges in the
> other organization to apply for the same privileges in your group,
> perhaps with expedited approval. You would also want to know who in the
> other organization is authorized to issue credentials.
> 
> It seems to me a similar system model could be set up using OpenPGP
> signatures, rather than use the more generic trust levels.

This is true, and for the administrator users, there probably would be a
list of signatures kept on the server, signed by one of the admin keys
that would grant administrator access.  This being the primary means of
access control.

If the trust model were applied though, this would allow "guests" of the
system to make use of it.

If people signed other peoples keys after checking (1) that they are who
they say they are, and (2) hold a given license; then a signed key would
authenticate someone as being an amateur operator who is logging in as a
guest on the system, and not some imposter who's just figured out they
can wire the sound card of their computer to their radio to wreak havoc.

The other way I guess I could do some of the above would be S/MIME, with
individual radio clubs being certificate authorities or something.  CAs
can cross-certify each-other by signing eachothers keys (least I
remember hearing this back when I was studying some crypto subject at
university).  However, I think OpenPGP is closer to the community-spirit
of amateur radio which is why I've considered it first.

One thing I haven't yet found a definitive answer on.  I can sign a key
and assign trust.  Am I correct in assuming that the presence of the
trust signature (or a revoked trust signature) is a binary statement of
"I believe the person named really holds this key" versus "I believe an 
imposter holds this key" and that the trust level exclusively refers to
how much you believe this person in identifying others?

I seem to recall seeing something wherein you could state how carefully
you checked their identity (i.e. not at all through to very careful) but
can't see reference to it in the relevant RFCs.  Maybe the thing I'm 
thinking of is just stored locally and isn't exported with the public key.

More information about the cryptography mailing list