Re: status: establishing a PGP web of trust

From: Josh Triplett
Date: Mon Oct 03 2011 - 18:57:12 EST

On Mon, Oct 03, 2011 at 01:19:27PM +0200, Jiri Kosina wrote:
> On Fri, 30 Sep 2011, H. Peter Anvin wrote:
> > Since the status announcement last week a number of you
> > have contacted me about re-establishing credentials. In order to
> > establish a proper PGP web of trust we need keys that are cross-signed
> > by other developers. As such, we ask that you follow the following
> > steps:
> >
> > 1. Make sure your systems are uncompromised. We will address specific
> > recommended steps for that in a separate email.
> >
> > 2. Create a new PGP/GPG key, and also generate a key revocation
> > certificate (but don't import it anywhere -- save it for the
> > future) for your new key. In the near future we are considering
> > setting up an escrow service for key revocation certificates.
> >
> > I recommend using a 4096-bit RSA key. Given how fast computers are
> > these days, there is no reason to use a shorter key. DSA keys
> > should be considered obsolete; substantial weaknesses have been
> > found in DSA.
> >
> > $ gpg --gen-key
> > $ gpg -u <key ID> -o <key ID>.revoke --gen-revoke
> >
> > 3. If you are reasonably certain that your old key has never been
> > jeopardized, sign the new key with the old key.
> I have a question here. In case people are 'reasonably certain' that the
> old key has never been jeoparadized, why are they required to create a new
> key?
> It doesn't make too much sense to force people to live with two different
> personalities in this "PGP web of trust" world just for the sake of
>, does it?

Same question here. I have a key, which has already accumulated some
signatures, and I feel confident that key remains secure, along with the
one and only system that key lives on. I have a revocation certificate
prepared for that key in a secure location, though I'd certainly welcome
an escrow service from as long as that service only stored
encrypted documents to which only the key owner had the passphrase. I
don't see any need to generate an entirely new key in a hurry.
Certainly transitioning to larger and algorithmically better keys over
time seems like a good idea, but given the nature of the
compromise, immediate concerns about the strength of GPG keys seems much
less warranted than concerns about the security of the systems they live

- Josh Triplett
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at