PGP Global Directory, good thing?
Anonymous
December 2004
PGP ® White Paper - PGP Global Directory
Introduction
Most PGP users currently obtain the keys of their communication
partners in one of four ways:
1. Directly from the recipient by email, floppy disk, or USB drive
2. Via download from an in-house corporate PGP Keyserver
3. Via LDAP lookup on a PGP Universal Server authoritative for the
recipient domain
4. Via a public keyserver such as the PGP Keyserver operating at
keyserver.pgp.com
Publishing public keys on a PGP Universal server or in-house corporate
PGP Keyserver is generally the most desirable key distribution solution
for PGP enterprise users. However, operating a keyserver is not always
a viable option for individual users of PGP Desktop products.
Individual PGP Desktop users will generally store and retrieve users'
keys from a public PGP keyserver. Since 1997, PGP Corporation has
provided a public PGP Keyserver at keyserver.pgp.com. Encryption
enthusiasts unaffiliated with PGP Corporation are operating similar
public keyservers at various sites on the Internet.
Just as the public PGP Keyserver was operated as a free service, the
PGP Global Directory will continue to be offered as a free service to
the PGP global community. The PGP Global Directory will offer many new
features and benefits. It also addresses some longstanding issues with
the legacy public PGP Keyserver as well as with the design of
keyservers in general.
The Benefits of PGP Global Directory
There are several main benefits to using the new PGP Global Directory:
· Keys can be removed by the user
· Better privacy protections
· Automated removal of outdated keys for decommissioned email addresses
· Automatic posting of PGP keys
· Built on PGP Universal
· Default searching of the PGP Global Directory
Keys can be removed by the user
In the past, once users had uploaded a key to the established public
PGP Keyserver, they could never remove that key.
Just as it is a best practice to change passwords from time to time,
many PGP users also changed their keys periodically. Changing keys
required users to generate a new key and then revoke the old key.
However, not all users who created and uploaded new keys also revoked
their old keys. Therefore, when querying a legacy keyserver, senders
could still see these old keys, potentially encrypting a message to a
key no longer used by the user. The practice of leaving old keys on the
public keyserver resulted in some users receiving emails that were
encrypted with these not-revoked
Users can find lists of public PGP Keyservers at
http://www.pgpi.org/services/keys/keyservers/ , http://pgp.mit.edu/ ,
and http://www.pgp.net/pgpnet/ftp-key.html.
© 2004 PGP Corporation. All rights reserved.
PGP White Paper - PGP Global Directory
keys that were no longer available for decryption. The end result:
undecipherable emails and user frustration.
The new PGP Global Directory allows the owner of an email address to
remove or replace outdated PGP keys for that email address, as desired.
PGP Global Directory - Key Removal
Better privacy protections
Existing keyservers have no mechanism to determine if the owner of a
key for a particular email address wishes that key to be published on
the keyserver. Anybody can upload anyone's key, including fake keys
created for email addresses the submitter does not own. The traditional
PGP Web of Trust can be an effective means of authenticating that a key
belongs to the owner of the email address on the key; however, not all
PGP users diligently verify the signatures on a key.
The PGP Global Directory will verify that the owner of an email address
agrees to publish a particular key by sending an email notification
similar to those used to confirm mailing list subscription
© 2004 PGP Corporation. All rights reserved.
PGP White Paper - PGP Global Directory
requests. The email notification validates that the owner of the email
address to which a key claims to belong consents to the key being
associated with that email address.
PGP Global Directory - Confirmation Email Automated removal of outdated
keys for decommissioned email addresses
PGP Keyservers are fundamentally a type of directory. Compared to a
public phone directory, for example, a legacy keyserver would list
every phone number ever used next to an individual's name without
specifying which of these is the current phone number. Legacy PGP
Keyservers publish keys for outdated email addresses to which a user
has had no access in more than a decade.
Users of a directory expect it to be current, however. Therefore, every
6 months, the PGP Global Directory will send a notification email to
all email addresses associated with a key in the directory to verify
users'desire to have their keys available to the public. The PGP Global
Directory will remove the keys of those users who do not respond to the
email notification. Furthermore, the PGP Global Directory will store
only one active key per email address, eliminating sender confusion
about which recipient key should be used to encrypt to individuals
owning more than one key.
Automatic posting of PGP keys
Active existing users of the current PGP Keyserver will be prompted to
migrate to the new PGP Global Directory by clicking on a link in an
email notification. Some user keys will be migrated automatically. The
heuristics that determine which users will be offered automatic
migration depend on a number of factors: how long ago the key was
created, when it was last signed by another key,
© 2004 PGP Corporation. All rights reserved.
PGP White Paper - PGP Global Directory
and when it last made a signature on another key. Users who do not
receive a notice that their keys will be automatically migrated can
upload their keys to the PGP Global Directory at the URLs below at any
time. Both automatically migrated keys and manually uploaded keys will
be verified in the same 6-month interval.
Subsequent releases of PGP Desktop products will default to
automatically post existing and newly created PGP keys to the PGP
Global Directory. This approach relieves users of having to take the
manual of step of posting a new key, making exchanging encrypted emails
with the large and growing PGP user population even easier than before.
Built on PGP Universal
The legacy public PGP Keyserver is the most heavily used keyserver in
the world. The new PGP Global Directory will not only serve more key
submission and search requests than the previous keyserver, but will
offer support for both LDAP- and GUI-based user interactions, including
full support for Photo IDs. This combination means the new PGP Global
Directory will handle orders of magnitude more traffic than the legacy
public PGP Keyserver.
The performance of PGP Global Directory and the features it enables
will be provided in a pre-release version of PGP Universal 2.0, an
upcoming version of the award-winning PGP Universal product line. To
find out about enrolling in the PGP Universal 2.0 beta program, please
visit http://www.pgp.com/beta.
Default searching of the PGP Global Directory
Future versions of PGP products will automatically default to searching
the PGP Global Directory for user keys. If a PGP key is posted
publicly, PGP products are designed to find it. The default search
sequence will look for PGP keys in the following locations in this
order:
· Local cache of keys
· Local key ring
· A PGP Universal server operated at keys.recipientdomain.com
· The PGP Global Directory
· Legacy PGP keyservers specified by the user
Easier to send encrypted messages
Another option introduced in new PGP products will be to automatically
encrypt a message if a PGP key is found. This feature completes the
message security lifecycle: New PGP products automatically post new and
existing keys to the PGP Global Directory. When an email is created,
PGP products automatically look for verified keys in the PGP Global
Directory. When a key is found, PGP products will automatically encrypt
emails sent to that key. These new features will make it easier for the
worldwide community of PGP users to send and receive encrypted emails.
Protection from deprecated "legacy RSA" keys
In PGP software, there are two types of keys: legacy RSA keys and new
keys. The legacy keys use a cryptographic hash function called MD5 for
their fingerprints as well as signatures. The new keys use SHA-1, a
standard hash function published by the National Institute of Standards
and Technology (NIST). PGP Corporation introduced the new key format in
1997 because of a number of issues with
© 2004 PGP Corporation. All rights reserved.
PGP White Paper - PGP Global Directory
the old format, one of which was published in a mathematical paper on
weaknesses in MD5. Customers have been urged not to use deprecated MD5-
based PGP keys (technically called "v3 keys")since the company first
began offering the commercial PGP product. Recent mathematical advances
show that MD5 is much weaker than originally believed when PGP
Corporation began recommending that users of older PGP implementations
switch key formats 7 years ago. The company believes the public should
not be offered keys of questionable security.
The PGP Global Directory will not store or distribute v3 keys, but will
only store new, OpenPGP-compliant keys. Users with a v3 key will be
prompted to generate a new key as part of the PGP Desktop 9. 0
installation/upgrade process.
How to Participate in the PGP Global Directory
During the beta, users can access the PGP Global Directory at
https://keyserver-beta.pgp.com.
Although some active users of the current public PGP Keyserver may
receive an offer to be automatically migrated to the PGP Global
Directory, all users wishing their keys to be publicly available are
encouraged to upload them. Following the end of the beta period, the
PGP Global Directory will replace the old PGP Keyserver at the
keyserver.pgp.com address.
© 2004 PGP Corporation. All rights reserved.
PGP White Paper - PGP Global Directory
PGP Corporation
3460 West Bayshore Road
Palo Alto, CA 94303
USA
+1 650 319 9000
www.pgp.com
© 2004 PGP Corporation
All rights reserved. No part of this document may be reproduced, stored
in a retrieval system, or transmitted in any form by any means without
the prior written approval of PGP Corporation.
The information described in this document may be protected by one or
more U.S. patents, foreign patents, or pending applications.
PGP is a registered trademark of PGP Corporation. Product and brand
names used in the document may be trademarks or registered trademarks
of their respective owners. Any such trademarks or registered
trademarks are the sole property of their respective owners.
The information in this document is provided "as is" without warranty
of any kind, either express or implied, including, but not limited to,
the implied warranties of merchantability, fitness for a particular
purpose, or non-infringement. This document could include technical
inaccuracies or typographical errors. Changes to this document may be
made at any time without notice.
Thomas J. Boschloo
Anonymous wrote:
| Good thing?
<snip>
| Subsequent releases of PGP Desktop products will default to
| automatically post existing and newly created PGP keys to the PGP
| Global Directory. This approach relieves users of having to take the
| manual of step of posting a new key, making exchanging encrypted emails
| with the large and growing PGP user population even easier than before.
Not good! (Automatically) Posting your nym key would result in your
(real) IP address being linked to your nym by an observer between your
ISP and the Global Directory.
<snip>
| The PGP Global Directory will not store or distribute v3 keys, but will
| only store new, OpenPGP-compliant keys. Users with a v3 key will be
| prompted to generate a new key as part of the PGP Desktop 9. 0
| installation/upgrade process.
Also not good! I like my RSA v3 key and I became quite attached to it
over the years..
X-Posted to ASP since it seems more on-topic back there..
Thomas
- --
The Thraddash: "So, what's this? SNORT! An unknown alien species?"
"How wonderful! Someone new to fight!"
Full Game Win/Mac/Linux: <http://sc2.sourceforge.net>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iQB5AwUBQdbgPQEP2l8iXKAJAQHI7QMfYsM1cZ+5T7/f5yPP7MBgLVJNYyT3HASJ
RbOtlnGTabu/nkmBFxx2i74Vd34fRpuW/Wdtc6hcXjp9OzDbF4HxYaVc9nvWxgSb
u8U+DD/gCejuC8oi7e4fvXcjEeNHqrO7f3W5Kw==
=Vmjc
-----END PGP SIGNATURE-----