1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
|
Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191]
helo=mx.sourceforge.net)
by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <melvincarvalho@gmail.com>) id 1UcKiC-00065F-Pr
for bitcoin-development@lists.sourceforge.net;
Tue, 14 May 2013 19:16:36 +0000
Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of gmail.com
designates 209.85.217.182 as permitted sender)
client-ip=209.85.217.182; envelope-from=melvincarvalho@gmail.com;
helo=mail-lb0-f182.google.com;
Received: from mail-lb0-f182.google.com ([209.85.217.182])
by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1UcKiB-0001pB-ID
for bitcoin-development@lists.sourceforge.net;
Tue, 14 May 2013 19:16:36 +0000
Received: by mail-lb0-f182.google.com with SMTP id r11so1005483lbv.41
for <bitcoin-development@lists.sourceforge.net>;
Tue, 14 May 2013 12:16:28 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.112.18.164 with SMTP id x4mr3010665lbd.127.1368558988814;
Tue, 14 May 2013 12:16:28 -0700 (PDT)
Received: by 10.112.143.38 with HTTP; Tue, 14 May 2013 12:16:28 -0700 (PDT)
In-Reply-To: <20130514184120.GB18341@petertodd.org>
References: <20130514184120.GB18341@petertodd.org>
Date: Tue, 14 May 2013 21:16:28 +0200
Message-ID: <CAKaEYhKpDQJAqNuh0oddO1GmugfZAznGjk0sOdokqDAPWFibJQ@mail.gmail.com>
From: Melvin Carvalho <melvincarvalho@gmail.com>
To: Peter Todd <pete@petertodd.org>
Content-Type: multipart/alternative; boundary=14dae94735dd61f32f04dcb27846
X-Spam-Score: -0.6 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(melvincarvalho[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
1.0 HTML_MESSAGE BODY: HTML included in message
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1UcKiB-0001pB-ID
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Bitcoin2013 Speakers: Include your PGP
fingerprint in your slides
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Tue, 14 May 2013 19:16:37 -0000
--14dae94735dd61f32f04dcb27846
Content-Type: text/plain; charset=ISO-8859-1
On 14 May 2013 20:41, Peter Todd <pete@petertodd.org> wrote:
> report: https://bitcointalk.org/index.php?topic=205349.0
>
> Every talk will be widely witnessed and videotaped so we can get some
> reasonably good security by simply putting out PGP fingerprints in our
> slides. Yeah, some fancy attacker could change the videos after the
> fact, but the talks themselves will have wide audiences and a lot of
> opportunities for fraud to be discovered. That means it'd also be
> reasonable for people to sign those keys too if you are present and are
> convinced you aren't looking at some impostor. (of course, presenters,
> check that your PGP fingerprints are correct...)
>
>
> Remember that PGP depends on the web-of-trust. No single measure in a
> web-of-trust is needs to be absolutely perfect; it's the sum of the
> verifications that matter. I don't think it matters much if you have,
> say, seen Jeff Garzik's drivers license as much as it matters that you
> have seen him in a public place with dozens of witnesses that would
> recognize him and call out any attempt at fraud.
>
> Secondly remember that many of us are working on software where an
> attacker can steal from huge numbers of users at once if they manage to
> sneak some wallet stealing code in. We need better code signing
> practices, but they don't help without some way of being sure the keys
> signing the code are valid. SSL and certificate authorities have
> advantages, and so does the PGP WoT, so use both.
>
>
> FWIW I take this stuff pretty seriously myself. I generated my key
> securely in the first place, I use a hardware smartcard to store my PGP
> key, and I keep the master signing key - the key with the ability to
> sign other keys - separate from my day-to-day signing subkeys. I also
> PGP sign emails regularly, which means anyone can get a decent idea of
> if they have the right key by looking at bitcoin-development mailing
> list archives and checking the signatures. A truly dedicated attacker
> could probably sign something without my knowledge, but I've certainly
> raised the bar.
>
Just out of curiosity, could PGP keyservers suffer from a similar 51%
attack as the bitcoin network?
>
> --
> 'peter'[:-1]@petertodd.org
> 000000000000016be577c0f0ce4c04a05fdbfc8e0b6f69053659f32aeea3a518
>
>
> ------------------------------------------------------------------------------
> AlienVault Unified Security Management (USM) platform delivers complete
> security visibility with the essential security capabilities. Easily and
> efficiently configure, manage, and operate all of your security controls
> from a single console and one unified framework. Download a free trial.
> http://p.sf.net/sfu/alienvault_d2d
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
>
--14dae94735dd61f32f04dcb27846
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><br><div class=3D"gmail_extra"><br><br><div class=3D"gmail=
_quote">On 14 May 2013 20:41, Peter Todd <span dir=3D"ltr"><<a href=3D"m=
ailto:pete@petertodd.org" target=3D"_blank">pete@petertodd.org</a>></spa=
n> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex">report: <a href=3D"https://bitcointalk.org/i=
ndex.php?topic=3D205349.0" target=3D"_blank">https://bitcointalk.org/index.=
php?topic=3D205349.0</a><br>
<br>
Every talk will be widely witnessed and videotaped so we can get some<br>
reasonably good security by simply putting out PGP fingerprints in our<br>
slides. Yeah, some fancy attacker could change the videos after the<br>
fact, but the talks themselves will have wide audiences and a lot of<br>
opportunities for fraud to be discovered. That means it'd also be<br>
reasonable for people to sign those keys too if you are present and are<br>
convinced you aren't looking at some impostor. (of course, presenters,<=
br>
check that your PGP fingerprints are correct...)<br>
<br>
<br>
Remember that PGP depends on the web-of-trust. No single measure in a<br>
web-of-trust is needs to be absolutely perfect; it's the sum of the<br>
verifications that matter. I don't think it matters much if you have,<b=
r>
say, seen Jeff Garzik's drivers license as much as it matters that you<=
br>
have seen him in a public place with dozens of witnesses that would<br>
recognize him and call out any attempt at fraud.<br>
<br>
Secondly remember that many of us are working on software where an<br>
attacker can steal from huge numbers of users at once if they manage to<br>
sneak some wallet stealing code in. We need better code signing<br>
practices, but they don't help without some way of being sure the keys<=
br>
signing the code are valid. SSL and certificate authorities have<br>
advantages, and so does the PGP WoT, so use both.<br>
<br>
<br>
FWIW I take this stuff pretty seriously myself. I generated my key<br>
securely in the first place, I use a hardware smartcard to store my PGP<br>
key, and I keep the master signing key - the key with the ability to<br>
sign other keys - separate from my day-to-day signing subkeys. I also<br>
PGP sign emails regularly, which means anyone can get a decent idea of<br>
if they have the right key by looking at bitcoin-development mailing<br>
list archives and checking the signatures. A truly dedicated attacker<br>
could probably sign something without my knowledge, but I've certainly<=
br>
raised the bar.<br></blockquote><div><br></div><div>Just out of curiosity, =
could PGP keyservers suffer from a similar 51% attack as the bitcoin networ=
k?<br></div><div>=A0</div><blockquote class=3D"gmail_quote" style=3D"margin=
:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<span class=3D"HOEnZb"><font color=3D"#888888"><br>
--<br>
'peter'[:-1]@<a href=3D"http://petertodd.org" target=3D"_blank">pet=
ertodd.org</a><br>
000000000000016be577c0f0ce4c04a05fdbfc8e0b6f69053659f32aeea3a518<br>
</font></span><br>---------------------------------------------------------=
---------------------<br>
AlienVault Unified Security Management (USM) platform delivers complete<br>
security visibility with the essential security capabilities. Easily and<br=
>
efficiently configure, manage, and operate all of your security controls<br=
>
from a single console and one unified framework. Download a free trial.<br>
<a href=3D"http://p.sf.net/sfu/alienvault_d2d" target=3D"_blank">http://p.s=
f.net/sfu/alienvault_d2d</a><br>___________________________________________=
____<br>
Bitcoin-development mailing list<br>
<a href=3D"mailto:Bitcoin-development@lists.sourceforge.net">Bitcoin-develo=
pment@lists.sourceforge.net</a><br>
<a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development=
" target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de=
velopment</a><br>
<br></blockquote></div><br></div></div>
--14dae94735dd61f32f04dcb27846--
|