[Cryptography] OpenPGP and trust
Stuart Longland
stuartl at longlandclan.yi.org
Sun Mar 30 03:39:59 EDT 2014
On Sat, 29 Mar 2014 11:43:24 +1000, Stuart Longland wrote:
> OpenPGP does provide a means of me "vouching" for another user. Suppose
> I wanted to set up a messaging service for my local emergency
> communications group, Brisbane Area WICEN. We set up a computer and
> plug it into a radio, mount that up on one of the towers we rent.
> (They've got a couple around SE Queensland.)
>
> The computer is in some comms room, not accessible to me directly, and
> not connected to the Internet, but I want users to be able to
> authenticate themselves over the clear-text link, so the computer can
> differentiate them from some smart-arsed pirate with a $50 hand-held
> radio off eBay and a radio-computer interface.
>
> It'd also be useful from an administrative stand-point to be able to
> send administration commands to that computer, have it perform
> instructions, then get back to me. A bit like the `uux` command in
> UUCP. (And yes, I know of "grunt" and do use it over UUCP/SSH already.)
Thinking about the message I just posted (and hasn't arrived in the
mailing list yet) I thought of another example in service like Echolink.
Echolink, for those of you who aren't amateur operators, is basically a
Voice-over-IP system linked to the amateur radio band. You download a
client application that you can run on your computer and it allows you to
connect to repeater and radio links over the Internet.
Since it's a requirement that users of these radio links and repeaters
are licensed radio operators, the Echolink system operators require that
you prove you're a licensed amateur operator when you first sign up.
Presently they do this by requesting you scan a copy of your license and
email it to them.
I've never met the people who run Echolink, but I've met quite a few
amateurs in my local area, and some from interstate/overseas.
A signed email using a key that embeds your call-sign and a chain of
trust leading back to this hypothetical operator of Echolink might be all
that's necessary to prove you hold that call-sign.
So the purpose would be to authenticate yourself not to a computer, but
to a human who in all likelihood won't get to meet you in person, and so
similarly has no opportunity to verify identity.
The devil as always is in the details, and it requires that everyone tow
the line and do proper checks.
I'm interested to know if there's any hidden gotchas that might
compromise such a system.
More information about the cryptography
mailing list