[Cryptography] OpenPGP and trust

Stuart Longland stuartl at longlandclan.yi.org
Sun Mar 30 03:39:59 EDT 2014

On Sat, 29 Mar 2014 11:43:24 +1000, Stuart Longland wrote:

> OpenPGP does provide a means of me "vouching" for another user.  Suppose
> I wanted to set up a messaging service for my local emergency
> communications group, Brisbane Area WICEN.  We set up a computer and
> plug it into a radio, mount that up on one of the towers we rent. 
> (They've got a couple around SE Queensland.)
> The computer is in some comms room, not accessible to me directly, and
> not connected to the Internet, but I want users to be able to
> authenticate themselves over the clear-text link, so the computer can
> differentiate them from some smart-arsed pirate with a $50 hand-held
> radio off eBay and a radio-computer interface.
> It'd also be useful from an administrative stand-point to be able to
> send administration commands to that computer, have it perform
> instructions, then get back to me.  A bit like the `uux` command in
> UUCP.  (And yes, I know of "grunt" and do use it over UUCP/SSH already.)

Thinking about the message I just posted (and hasn't arrived in the 
mailing list yet) I thought of another example in service like Echolink.

Echolink, for those of you who aren't amateur operators, is basically a 
Voice-over-IP system linked to the amateur radio band.  You download a 
client application that you can run on your computer and it allows you to 
connect to repeater and radio links over the Internet.

Since it's a requirement that users of these radio links and repeaters 
are licensed radio operators, the Echolink system operators require that 
you prove you're a licensed amateur operator when you first sign up.

Presently they do this by requesting you scan a copy of your license and 
email it to them.

I've never met the people who run Echolink, but I've met quite a few 
amateurs in my local area, and some from interstate/overseas.

A signed email using a key that embeds your call-sign and a chain of 
trust leading back to this hypothetical operator of Echolink might be all 
that's necessary to prove you hold that call-sign.

So the purpose would be to authenticate yourself not to a computer, but 
to a human who in all likelihood won't get to meet you in person, and so 
similarly has no opportunity to verify identity.

The devil as always is in the details, and it requires that everyone tow 
the line and do proper checks.

I'm interested to know if there's any hidden gotchas that might 
compromise such a system.

More information about the cryptography mailing list