Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from <melvincarvalho@gmail.com>) id 1UcKiC-00065F-Pr for bitcoin-development@lists.sourceforge.net; Tue, 14 May 2013 19:16:36 +0000 Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.217.182 as permitted sender) client-ip=209.85.217.182; envelope-from=melvincarvalho@gmail.com; helo=mail-lb0-f182.google.com; Received: from mail-lb0-f182.google.com ([209.85.217.182]) by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1UcKiB-0001pB-ID for bitcoin-development@lists.sourceforge.net; Tue, 14 May 2013 19:16:36 +0000 Received: by mail-lb0-f182.google.com with SMTP id r11so1005483lbv.41 for <bitcoin-development@lists.sourceforge.net>; Tue, 14 May 2013 12:16:28 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.112.18.164 with SMTP id x4mr3010665lbd.127.1368558988814; Tue, 14 May 2013 12:16:28 -0700 (PDT) Received: by 10.112.143.38 with HTTP; Tue, 14 May 2013 12:16:28 -0700 (PDT) In-Reply-To: <20130514184120.GB18341@petertodd.org> References: <20130514184120.GB18341@petertodd.org> Date: Tue, 14 May 2013 21:16:28 +0200 Message-ID: <CAKaEYhKpDQJAqNuh0oddO1GmugfZAznGjk0sOdokqDAPWFibJQ@mail.gmail.com> From: Melvin Carvalho <melvincarvalho@gmail.com> To: Peter Todd <pete@petertodd.org> Content-Type: multipart/alternative; boundary=14dae94735dd61f32f04dcb27846 X-Spam-Score: -0.6 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (melvincarvalho[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 1.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1UcKiB-0001pB-ID Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net> Subject: Re: [Bitcoin-development] Bitcoin2013 Speakers: Include your PGP fingerprint in your slides X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: <bitcoin-development.lists.sourceforge.net> List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>, <mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe> List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development> List-Post: <mailto:bitcoin-development@lists.sourceforge.net> List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help> List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>, <mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe> X-List-Received-Date: Tue, 14 May 2013 19:16:37 -0000 --14dae94735dd61f32f04dcb27846 Content-Type: text/plain; charset=ISO-8859-1 On 14 May 2013 20:41, Peter Todd <pete@petertodd.org> wrote: > report: https://bitcointalk.org/index.php?topic=205349.0 > > Every talk will be widely witnessed and videotaped so we can get some > reasonably good security by simply putting out PGP fingerprints in our > slides. Yeah, some fancy attacker could change the videos after the > fact, but the talks themselves will have wide audiences and a lot of > opportunities for fraud to be discovered. That means it'd also be > reasonable for people to sign those keys too if you are present and are > convinced you aren't looking at some impostor. (of course, presenters, > check that your PGP fingerprints are correct...) > > > Remember that PGP depends on the web-of-trust. No single measure in a > web-of-trust is needs to be absolutely perfect; it's the sum of the > verifications that matter. I don't think it matters much if you have, > say, seen Jeff Garzik's drivers license as much as it matters that you > have seen him in a public place with dozens of witnesses that would > recognize him and call out any attempt at fraud. > > Secondly remember that many of us are working on software where an > attacker can steal from huge numbers of users at once if they manage to > sneak some wallet stealing code in. We need better code signing > practices, but they don't help without some way of being sure the keys > signing the code are valid. SSL and certificate authorities have > advantages, and so does the PGP WoT, so use both. > > > FWIW I take this stuff pretty seriously myself. I generated my key > securely in the first place, I use a hardware smartcard to store my PGP > key, and I keep the master signing key - the key with the ability to > sign other keys - separate from my day-to-day signing subkeys. I also > PGP sign emails regularly, which means anyone can get a decent idea of > if they have the right key by looking at bitcoin-development mailing > list archives and checking the signatures. A truly dedicated attacker > could probably sign something without my knowledge, but I've certainly > raised the bar. > Just out of curiosity, could PGP keyservers suffer from a similar 51% attack as the bitcoin network? > > -- > 'peter'[:-1]@petertodd.org > 000000000000016be577c0f0ce4c04a05fdbfc8e0b6f69053659f32aeea3a518 > > > ------------------------------------------------------------------------------ > AlienVault Unified Security Management (USM) platform delivers complete > security visibility with the essential security capabilities. Easily and > efficiently configure, manage, and operate all of your security controls > from a single console and one unified framework. Download a free trial. > http://p.sf.net/sfu/alienvault_d2d > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > > --14dae94735dd61f32f04dcb27846 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr"><br><div class=3D"gmail_extra"><br><br><div class=3D"gmail= _quote">On 14 May 2013 20:41, Peter Todd <span dir=3D"ltr"><<a href=3D"m= ailto:pete@petertodd.org" target=3D"_blank">pete@petertodd.org</a>></spa= n> wrote:<br> <blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p= x #ccc solid;padding-left:1ex">report: <a href=3D"https://bitcointalk.org/i= ndex.php?topic=3D205349.0" target=3D"_blank">https://bitcointalk.org/index.= php?topic=3D205349.0</a><br> <br> Every talk will be widely witnessed and videotaped so we can get some<br> reasonably good security by simply putting out PGP fingerprints in our<br> slides. Yeah, some fancy attacker could change the videos after the<br> fact, but the talks themselves will have wide audiences and a lot of<br> opportunities for fraud to be discovered. That means it'd also be<br> reasonable for people to sign those keys too if you are present and are<br> convinced you aren't looking at some impostor. (of course, presenters,<= br> check that your PGP fingerprints are correct...)<br> <br> <br> Remember that PGP depends on the web-of-trust. No single measure in a<br> web-of-trust is needs to be absolutely perfect; it's the sum of the<br> verifications that matter. I don't think it matters much if you have,<b= r> say, seen Jeff Garzik's drivers license as much as it matters that you<= br> have seen him in a public place with dozens of witnesses that would<br> recognize him and call out any attempt at fraud.<br> <br> Secondly remember that many of us are working on software where an<br> attacker can steal from huge numbers of users at once if they manage to<br> sneak some wallet stealing code in. We need better code signing<br> practices, but they don't help without some way of being sure the keys<= br> signing the code are valid. SSL and certificate authorities have<br> advantages, and so does the PGP WoT, so use both.<br> <br> <br> FWIW I take this stuff pretty seriously myself. I generated my key<br> securely in the first place, I use a hardware smartcard to store my PGP<br> key, and I keep the master signing key - the key with the ability to<br> sign other keys - separate from my day-to-day signing subkeys. I also<br> PGP sign emails regularly, which means anyone can get a decent idea of<br> if they have the right key by looking at bitcoin-development mailing<br> list archives and checking the signatures. A truly dedicated attacker<br> could probably sign something without my knowledge, but I've certainly<= br> raised the bar.<br></blockquote><div><br></div><div>Just out of curiosity, = could PGP keyservers suffer from a similar 51% attack as the bitcoin networ= k?<br></div><div>=A0</div><blockquote class=3D"gmail_quote" style=3D"margin= :0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> <span class=3D"HOEnZb"><font color=3D"#888888"><br> --<br> 'peter'[:-1]@<a href=3D"http://petertodd.org" target=3D"_blank">pet= ertodd.org</a><br> 000000000000016be577c0f0ce4c04a05fdbfc8e0b6f69053659f32aeea3a518<br> </font></span><br>---------------------------------------------------------= ---------------------<br> AlienVault Unified Security Management (USM) platform delivers complete<br> security visibility with the essential security capabilities. Easily and<br= > efficiently configure, manage, and operate all of your security controls<br= > from a single console and one unified framework. Download a free trial.<br> <a href=3D"http://p.sf.net/sfu/alienvault_d2d" target=3D"_blank">http://p.s= f.net/sfu/alienvault_d2d</a><br>___________________________________________= ____<br> Bitcoin-development mailing list<br> <a href=3D"mailto:Bitcoin-development@lists.sourceforge.net">Bitcoin-develo= pment@lists.sourceforge.net</a><br> <a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development= " target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de= velopment</a><br> <br></blockquote></div><br></div></div> --14dae94735dd61f32f04dcb27846--