[JDEV] PGP and the Web of Trust

[Max Horn]

Hi there,

judging by some early messages on the PGP key issue, I think that not 
everyon knows or fully understands the PGP web of trust, so let me 
explain here what it is, and why it means we can safely store keys in 
the vcard or even send them along with messages (not that I would 
like this to happen, as it would take to much bandwith IMHO).

First, some definitons:


"Valid":
a (public) key is "valid" if you know it really belongs to the person 
whose name appears on it (e.g. my key is marked as belonging to "Max 
Horn <max at quendi.de>"). Note: this does not tell you how to determine 
if a key is valid

"Trusted":
If you "trust" a key, it means you think that the guy who own the key 
is trustworthy. If that guy signs a key, you think that the key 
signed by him is valid. A key which is "trusted" must be valid first.
Note: If you know someone well, and think he's hones, you not 
necessarily have to "trust" him in the sense of this definition. 
Trusting someone means you think he's not only honest but also 
understands the Web Of Trust and is so clever to verify any key 
before signing it! If someone is honest but a bit, err, stupid, you 
won't trust him on signing keys.


"Signing a key":
If you trust a key, you can mark it as such by signing it (and 
possibly redistrubting it, e.g. sending it back to the keyserver 
which then can add your signature to the key).


"CA" = Certification Authoriy:
A CA is a company or organizartion that has specialised on signing 
other keys. TO do so, they ususally request that you come physically 
to them, and show your ID card. They can then be sure your key is 
valid, and will sign it (thus marking it as valid).
Now, if you encounter a key that is new to you, but is signed by a CA 
you know, you can be sure it is valid (if you trust that particular 
CA; if M$ opens a CA, you might decide not to trust it <g>)



How the web of trust works:
===========================

You try to get as many people & CAs as possible to sign your key. 
Now, if someone wants to communicate encrypted with you, you can 
email him your key. This email could be intercept to do a 
"man-in-the-middle" attack of course. But just as well a keyserver 
could be replaced, so getting the key from one wouldn't be much more 
secure.

So, how can the guy be sure that your key is "valid" ? Simple: he 
checks who signed your key. If a CA or a guy he knows signed it, he 
can be sure it is valid. In reality, he propably will only accept it 
as valid if two or three CAs/guys signed it, but you get the idea I 
hope.

Now, what if he does not know any of the people who signed the key? 
No way for him to validate your key? There is a solution of course: 
he can fetch the keys of the people that signed your key. Then he can 
check those, and tries to validate the new keys. If he manages to 
validate enough of the new keys, he can validate your key, too.

To help you understand this, here's an example: my key is signed by 
the "c't CA". c't is a big german computer magzin, and you can easily 
verify their key since in each of their fortnightly issues they print 
the key finger print.

But since most people in the world won't be reading c't (and not even 
now it), this does not help. However, the c't key is signed by dozens 
other CAs and real people. Chances are high you know&trust at least 
some of the CAs signing the c't key, and thus can validate it. If you 
do, you can be sure my key is valid, too (if you trust me is 
something different).



Conclusion
==========

It is perfectly save to store public keys in the vcard, or send them 
along in messages or distribute them over your web page. It is *not* 
safer to only get keys from a keyserver. The only way to validate a 
key is to check who signed it, or to get it physically from someone 
(this can mean differnt things: you get it on a disk from a friend; 
or in the case of the c't key I can verifiy the key finger print 
printed black-on-white in each issue).




I hope this clarifies the topic. Feel free to ask me if you don't 
understand something. Oh, and if I made some mistakes, please forgive 
me, I'm only a human and wrote this down in a hurry :)


Bye,

Max




-- 
-----------------------------------------------
Max Horn
International C/C++/Internet Development

email: <mailto:max at quendi.de>
   web: <http://www.quendi.de>
phone: (+49) 2621-188947