From: Greg KH <gregkh@suse.de>
To: Mark Brown <broonie@opensource.wolfsonmicro.com>
Cc: Jon Masters <jonathan@jonmasters.org>,
Valdis.Kletnieks@vt.edu, Adrian Bunk <bunk@stusta.de>,
"Frank Ch. Eigler" <fche@redhat.com>,
"H. Peter Anvin" <hpa@zytor.com>,
"Rafael J. Wysocki" <rjw@sisk.pl>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: kernel.org status: establishing a PGP web of trust
Date: Thu, 6 Oct 2011 10:48:02 -0700 [thread overview]
Message-ID: <20111006174802.GE16941@suse.de> (raw)
In-Reply-To: <20111006173940.GF12975@sirena.org.uk>
On Thu, Oct 06, 2011 at 06:39:40PM +0100, Mark Brown wrote:
> On Thu, Oct 06, 2011 at 11:58:22AM -0400, Jon Masters wrote:
>
> > What I'd like to see is "keysigning" parties where folks with well
> > established (in use) keys turn up and *prove* they own the key by
> > signing some information the other attendees provide. That way they can
> > not only say "hey, I'm dude X, trust me this is my fingerprint, here's a
> > photo ID" (which means nothing in the case of a well established online
> > identify that is trusted already), but they can say "hey, I have access
> > to this key, because I just signed that random message you gave me
> > interactively". Who cares who the heck they really are beyond that?
> > (intentionally a loaded statement to make the point).
>
> A common approach to this for at least the e-mail portion of the address
> is to sign the ID with the address and then mail the signed key
> encrypted to the address, deleting all local copies and requiring that
> the recipient publish the signature. This at least demonstrates that
> the owner of the key can read mail at that address.
The 'caff' tool does this for you automatically. I just learned of it
yesterday, and already it's saved me loads of time. Highly recommended,
and odds are it's already packaged up for you in your distro.
greg k-h
next prev parent reply other threads:[~2011-10-06 17:48 UTC|newest]
Thread overview: 188+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-09-30 23:50 kernel.org status: establishing a PGP web of trust H. Peter Anvin
2011-09-30 23:59 ` kernel.org status: hints on how to check your machine for intrusion Greg KH
2011-10-01 1:15 ` David Miller
2011-10-01 4:54 ` Greg KH
2011-10-01 7:35 ` Willy Tarreau
2011-10-01 14:07 ` Greg KH
2011-10-01 18:06 ` Steven Rostedt
2011-10-01 18:13 ` David Miller
2011-10-01 18:29 ` Steven Rostedt
2011-10-01 18:34 ` Willy Tarreau
2011-10-01 21:23 ` Henrique de Moraes Holschuh
2011-10-01 21:30 ` Henrique de Moraes Holschuh
2011-10-03 9:28 ` Maarten Lankhorst
2011-10-01 18:40 ` Steven Rostedt
2011-10-01 18:45 ` Steven Rostedt
2011-10-03 9:47 ` gmack
2011-10-01 22:06 ` Frank A. Kingswood
2011-10-03 9:49 ` gmack
2011-10-01 14:17 ` akwatts
2011-10-01 14:28 ` Greg KH
2011-10-01 16:29 ` Andy
2011-10-01 16:56 ` Willy Tarreau
2011-10-01 17:19 ` Andy
2011-10-01 17:54 ` Andreas Schwab
2011-10-01 22:32 ` H. Peter Anvin
2011-10-01 17:54 ` Willy Tarreau
2011-10-01 18:40 ` Andy
2011-10-01 19:06 ` Willy Tarreau
2011-10-01 19:24 ` Greg KH
2011-10-01 20:07 ` Willy Tarreau
2011-10-01 20:29 ` Andreas Schwab
2011-10-01 20:32 ` Willy Tarreau
2011-10-01 20:24 ` Andy
2011-10-01 22:43 ` Willy Tarreau
2011-10-02 0:10 ` H. Peter Anvin
2011-10-02 5:35 ` Willy Tarreau
2011-10-02 1:58 ` tmhikaru
2011-10-02 2:26 ` Greg KH
2011-10-02 3:30 ` Andy
2011-10-02 4:39 ` Greg KH
2011-10-02 6:59 ` Willy Tarreau
2011-10-02 12:03 ` Andy
2011-10-02 18:27 ` Willy Tarreau
2011-10-11 1:16 ` Andrew Watts
2011-10-02 3:31 ` tmhikaru
2011-10-07 9:28 ` Andrea Arcangeli
2011-10-13 2:34 ` Re " Matthew W.S. Bell
2011-10-13 10:59 ` Matthew W.S. Bell
2011-10-18 15:13 ` Jean Delvare
2011-10-18 15:21 ` Greg KH
2011-10-18 16:08 ` Jean Delvare
2011-10-01 14:05 ` kernel.org status: establishing a PGP web of trust Greg KH
2011-10-01 22:07 ` Rafael J. Wysocki
2011-10-01 22:26 ` Greg KH
2011-10-02 23:02 ` Nobuhiro Iwamatsu
2011-10-02 23:09 ` Greg KH
2011-10-03 9:14 ` Steven Rostedt
2011-10-03 14:13 ` Greg KH
2011-10-03 15:09 ` Steven Rostedt
2011-10-01 21:33 ` Rafael J. Wysocki
2011-10-01 22:27 ` H. Peter Anvin
2011-10-01 22:36 ` Randy Dunlap
2011-10-01 22:52 ` Ted Ts'o
2011-10-02 1:04 ` Rafael J. Wysocki
2011-10-02 1:04 ` H. Peter Anvin
2011-10-02 11:54 ` Rafael J. Wysocki
2011-10-02 17:53 ` H. Peter Anvin
2011-10-02 18:14 ` Rafael J. Wysocki
2011-10-02 18:19 ` H. Peter Anvin
2011-10-02 18:39 ` Willy Tarreau
2011-10-02 19:02 ` H. Peter Anvin
2011-10-02 19:24 ` Willy Tarreau
2011-10-02 19:29 ` Rafael J. Wysocki
2011-10-02 18:24 ` Henrique de Moraes Holschuh
2011-10-02 18:31 ` H. Peter Anvin
2011-10-02 19:31 ` Rafael J. Wysocki
2011-10-02 20:42 ` Henrique de Moraes Holschuh
2011-10-03 9:32 ` Adrian Bunk
2011-10-03 16:28 ` Frank Ch. Eigler
2011-10-03 18:04 ` Adrian Bunk
2011-10-04 20:29 ` Valdis.Kletnieks
2011-10-04 22:39 ` Adrian Bunk
2011-10-04 23:17 ` Frank Ch. Eigler
2011-10-05 4:37 ` Valdis.Kletnieks
2011-10-05 7:54 ` Adrian Bunk
2011-10-05 17:06 ` Ted Ts'o
2011-10-05 19:23 ` Adrian Bunk
2011-10-05 19:50 ` Adrian Bunk
2011-10-05 20:09 ` Greg KH
2011-10-05 21:25 ` Adrian Bunk
2011-10-05 23:47 ` Ted Ts'o
2011-10-06 7:16 ` Adrian Bunk
2011-10-05 23:57 ` Thomas Gleixner
2011-10-06 0:07 ` Jeremy Fitzhardinge
2011-10-06 0:18 ` Chris Friesen
2011-10-06 7:30 ` Thomas Gleixner
2011-10-06 17:19 ` Valdis.Kletnieks
2011-10-06 8:04 ` Adrian Bunk
2011-10-06 10:22 ` Thomas Gleixner
2011-10-06 11:10 ` Adrian Bunk
2011-10-06 11:05 ` Josh Boyer
2011-10-06 11:19 ` Adrian Bunk
2011-10-05 4:23 ` Valdis.Kletnieks
2011-10-05 20:00 ` Arnaud Lacombe
2011-10-05 20:19 ` Adrian Bunk
2011-10-05 20:36 ` Arnaud Lacombe
2011-10-05 23:55 ` Greg KH
2011-10-06 0:23 ` Arnaud Lacombe
2011-10-06 0:50 ` Arnaud Lacombe
2011-10-06 5:25 ` Greg KH
2011-10-06 13:44 ` Valdis.Kletnieks
2011-10-06 14:43 ` Arnaud Lacombe
2011-10-06 10:05 ` Alan Cox
2011-10-06 17:05 ` Krzysztof Halasa
2011-10-06 15:58 ` Jon Masters
2011-10-06 17:39 ` Mark Brown
2011-10-06 17:45 ` Krzysztof Halasa
2011-10-06 17:52 ` Mark Brown
2011-10-06 17:48 ` Greg KH [this message]
2011-10-06 18:08 ` H. Peter Anvin
2011-10-06 18:14 ` H. Peter Anvin
2011-10-06 19:50 ` Valdis.Kletnieks
2011-10-06 22:16 ` Krzysztof Halasa
2011-10-07 16:29 ` Valdis.Kletnieks
2011-10-07 16:59 ` Greg KH
2011-10-07 16:59 ` Arnaud Lacombe
2011-10-07 18:22 ` Valdis.Kletnieks
2011-10-08 5:02 ` Jon Masters
2011-10-08 14:36 ` Valdis.Kletnieks
2011-10-08 15:28 ` Geert Uytterhoeven
2011-10-08 15:48 ` Krzysztof Halasa
2011-10-08 17:59 ` Jon Masters
2011-10-08 21:06 ` Krzysztof Halasa
2011-10-08 21:09 ` H. Peter Anvin
2011-10-09 3:01 ` Jon Masters
2011-10-08 15:44 ` Krzysztof Halasa
2011-10-08 15:16 ` Krzysztof Halasa
2011-10-05 19:43 ` Arnaud Lacombe
2011-10-02 18:36 ` Randy Dunlap
2011-10-02 22:46 ` Valdis.Kletnieks
2011-10-02 23:16 ` Josh Boyer
2011-10-03 0:24 ` H. Peter Anvin
2011-10-02 22:54 ` Guenter Roeck
2011-10-02 22:58 ` H. Peter Anvin
2011-10-02 23:23 ` Olof Johansson
2011-10-02 23:27 ` H. Peter Anvin
2011-10-03 0:44 ` Jeremy Fitzhardinge
2011-10-03 1:00 ` Dmitry Torokhov
2011-10-03 1:00 ` Guenter Roeck
2011-10-03 1:09 ` Ted Ts'o
2011-10-03 1:21 ` Jeremy Fitzhardinge
2011-10-03 1:22 ` H. Peter Anvin
2011-10-03 1:42 ` Andrew Morton
2011-10-03 1:43 ` H. Peter Anvin
2011-10-03 3:15 ` Geoff Levand
2011-10-03 3:29 ` Ted Ts'o
2011-10-03 3:38 ` Dmitry Torokhov
2011-10-03 3:54 ` Ted Ts'o
2011-10-03 4:02 ` Andrew Morton
2011-10-03 4:33 ` Ted Ts'o
2011-10-03 0:43 ` Lee Mathers
2011-10-03 9:53 ` Jonathan Cameron
2011-10-04 22:34 ` Ralf Baechle
2011-10-05 19:12 ` Maciej W. Rozycki
2011-10-06 13:27 ` Cambridge, UK key signing meeting. Thursday 13th Oct Jonathan Cameron
2011-10-11 16:33 ` Jonathan Cameron
2011-10-02 18:20 ` kernel.org status: establishing a PGP web of trust Henrique de Moraes Holschuh
2011-10-03 1:18 ` Ben Pfaff
2011-10-03 1:49 ` H. Peter Anvin
2011-10-03 11:19 ` Jiri Kosina
2011-10-03 22:56 ` Josh Triplett
2011-10-04 4:49 ` Ted Ts'o
2011-10-04 4:52 ` H. Peter Anvin
2011-10-04 5:11 ` Ted Ts'o
2011-10-04 16:37 ` H. Peter Anvin
2011-10-04 7:15 ` Jiri Kosina
2011-10-04 19:23 ` Rafael J. Wysocki
2011-10-06 3:14 ` John Johansen
2011-10-06 4:49 ` hpanvin@gmail.com
2011-10-04 12:51 ` Heiko Carstens
2011-10-04 22:02 ` Jiri Kosina
2011-10-04 22:04 ` H. Peter Anvin
2011-10-05 0:27 ` Henrique de Moraes Holschuh
2011-10-03 17:50 ` Adrian Bunk
2011-10-06 18:22 ` Krzysztof Halasa
2011-10-06 18:31 ` Rafael J. Wysocki
2011-10-06 21:19 ` [Warsaw Poland] " Krzysztof Halasa
2011-10-06 21:37 ` Rafael J. Wysocki
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20111006174802.GE16941@suse.de \
--to=gregkh@suse.de \
--cc=Valdis.Kletnieks@vt.edu \
--cc=broonie@opensource.wolfsonmicro.com \
--cc=bunk@stusta.de \
--cc=fche@redhat.com \
--cc=hpa@zytor.com \
--cc=jonathan@jonmasters.org \
--cc=linux-kernel@vger.kernel.org \
--cc=rjw@sisk.pl \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.