Encryption and Identity Verification
Using QR codes and camera QR code readers, the mobile phone can be the easiest tool for managing PGP signatures to build a web of trust.
PGP Featureset Assessment
{| border="1" cellspacing="1" cellpadding="1" style="width: 500px;"
|-
! scope="col" | Feature Description
! scope="col" | OpenPGP
! scope="col" | APG
! scope="col" | Usage<br/>Frequency
! scope="col" | Strategic<br/>Value
|-
| Key Generation*
| style="text-align: center;" | [[File:Checkmark.png|center|15px|Checkmark.png]]
| style="text-align: center;" | [[File:Questionmark.png|center|15px|Questionmark.png]]
| style="text-align: center;" | Low
| style="text-align: center;" | High
|-
| style="text-align: left;" | Encrypting / Signing
| style="text-align: center;" | <br/>
| style="text-align: center;" | <br/>
| style="text-align: center;" | <br/>
| style="text-align: center;" | <br/>
|-
| style="text-align: right;" | Standalone files
| style="text-align: center;" | [[File:Checkmark.png|center|15px|Checkmark.png]]
| style="text-align: center;" | [[File:Checkmark.png|center|15px|Checkmark.png]]
| style="text-align: center;" | Low
| style="text-align: center;" | Low
|-
| style="text-align: right;" | Email body
| style="text-align: center;" | [[File:Checkmark.png|center|15px|Checkmark.png]]
| style="text-align: center;" | [[File:Checkmark.png|center|15px|Checkmark.png]]
| style="text-align: center;" | High
| style="text-align: center;" | High
|-
| style="text-align: right;" | Email attachments
| style="text-align: center;" | [[File:Checkmark.png|center|15px|Checkmark.png]]
| style="text-align: center;" | [[File:Redx.png|center|15px|Redx.png]]
| style="text-align: center;" | High
| style="text-align: center;" | High
|-
| style="text-align: left;" | Keyserver Integration
| style="text-align: center;" | <br/>
| style="text-align: center;" | <br/>
| style="text-align: center;" | <br/>
| style="text-align: center;" | <br/>
|-
| style="text-align: right;" | Upload public key
| style="text-align: center;" | [[File:Checkmark.png|center|15px|Checkmark.png]]
| style="text-align: center;" | [[File:Redx.png|center|15px|Redx.png]]
| style="text-align: center;" | Low
| style="text-align: center;" | High
|-
| style="text-align: right;" | Search / download public key
| style="text-align: center;" | [[File:Checkmark.png|center|15px|Checkmark.png]]
| style="text-align: center;" | [[File:Checkmark.png|center|15px|Checkmark.png]]
| style="text-align: center;" | Medium
| style="text-align: center;" | High
|-
| style="text-align: right;" | Upload/download signature<br/>certifications
| style="text-align: center;" | [[File:Checkmark.png|center|15px|Checkmark.png]]
| style="text-align: center;" | [[File:Redx.png|center|15px|Redx.png]]
| style="text-align: center;" | Medium
| style="text-align: center;" | Medium
|-
| style="text-align: right;" | Key revocation
| style="text-align: center;" | [[File:Checkmark.png|center|15px|Checkmark.png]]
| style="text-align: center;" | [[File:Redx.png|center|15px|Redx.png]]
| style="text-align: center;" | Low
| style="text-align: center;" | High
|-
| style="text-align: left;" | Key Management
| style="text-align: center;" | <br/>
| style="text-align: center;" | <br/>
| style="text-align: center;" | <br/>
| style="text-align: center;" | <br/>
|-
| style="text-align: right;" | View / delete third party keys
| style="text-align: center;" | [[File:Checkmark.png|center|15px|Checkmark.png]]
| style="text-align: center;" | [[File:Checkmark.png|center|15px|Checkmark.png]]
| style="text-align: center;" | High
| style="text-align: center;" | High
|-
| style="text-align: right;" | Import / Export sub-keys
| style="text-align: center;" | [[File:Redx.png|center|15px|Redx.png]]
| style="text-align: center;" | [[File:Redx.png|center|15px|Redx.png]]
| style="text-align: center;" | Low
| style="text-align: center;" | High
|-
| style="text-align: left;" | Trust Management
| style="text-align: center;" | <br/>
| style="text-align: center;" | <br/>
| style="text-align: center;" | <br/>
| style="text-align: center;" | <br/>
|-
| style="text-align: right;" | Key signature viewing
| style="text-align: center;" | [[File:Checkmark.png|center|15px|Checkmark.png]]
| style="text-align: center;" | [[File:Redx.png|center|15px|Redx.png]]
| style="text-align: center;" | Medium
| style="text-align: center;" | Medium
|-
| style="text-align: right;" | Visible chain of trust
| style="text-align: center;" | [[File:Redx.png|center|15px|Redx.png]]
| style="text-align: center;" | [[File:Redx.png|center|15px|Redx.png]]
| style="text-align: center;" | High
| style="text-align: center;" | High
|}
*APG describes the key generation feature as "still kind of beta".
CAcert Certificate Authority Infrastructure
- http://cacert.org
- Firefox can update CAcert's revocation list once a day
- Firefox can enforce OCSP certificate revocations
- Can we specify one trustworthy OCSP server for all CAs?
PGP master key with subkeys for daily use
- http://www.macfreek.nl/mindmaster/Convert_GPG_keys_to_subkeys
- Using multiple subkeys in GPG
- GPG subkey tutorials
- Convert GPG keys to subkeys
- Convert keys between GnuPG, OpenSSH and OpenSSL
OTR syncing
Handling Verification Signatures
- SSH randomart for fingerprints, to make fingerprints easier to recognize
- visprint - fractal fingerprint generator
- Make an easy UI for sending signatures via email, à la <tt>caff</tt>, instead of directly to the keyserver like Seahorse
Converting OTR formats
- integrating OTR keys into PGP keys
- Understanding DSA keys
- keyCzar Python/Java/C++ framework for crypto
- Initial discussion about integrating OTR keys into PGP key
- M2Crypto convert key from PEM to DER
- X.509 Certificate and Key Formats
- Crypto++ wiki: Keys and Formats
- Cryptographic Interoperability: Keys
- Cryptographic Interoperability: Digital Signatures