Any recommendations for recv-only keyserver setup?

Previous Topic Next Topic
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Any recommendations for recv-only keyserver setup?

Jeff Johnson-12
I've got a pretty obscure question in the subject line.

I've just finished up drilling keypair/sign methods into RPM and
am starting to sign all built packages automagically.

The RPM usage case is to attach a digital certificate to
every package build, thereby automagically forcing
self-certed signatures/pubkeys into all packages produced by RPM.

The model afaict is a non-repudiation signature as described
in the "Handbook of Applied Cryptography" section 13.8.2 (for reference).

There basic threat to a non-repudation signature is:

        Original signer releases the private key and claims forgery.

Well RPM is just gonna create, use and the discard the private key.
And you're unlikely to hear any claim of Forgery! from a "batch oriented"
installer that isn't permitted any dialog with a luser. ;-)

The other two means described to avoid the threat model involve
a notary, either to acquire a trusted time stamp, or for a signature/pubkey registrar.

So -- if I MUST set up a registry (I sure hope not) -- I'd like
to use a SKS server for the implementation.

However RPM is used _LOTS_ and there's no reason whatsoever to
distribute self-certs _EVERYWHERE_, all that's needed is a
standalone SKS server (or a private set of peers).

I'd hate to be blamed for damage like 0xCA57AD7C described here
Even 5 years later the 0xCA57AD7C litter is everywhere
to be seen. Perhaps its just time for SKS to filter
out expired 0xCA57AD7C signatures to reduce the size of pubkeys? But I digress ...

But that's the line of reasoning that makes me wonder
        Is it possible to set up a SKS keyserver in recv-only mode?
so that it would receive but not send pubkeys?

Which way do pubkeys travel when gossiping? Towards the initiator
of a gossip connection would be my guess, and so a simple firewall should
be sufficient to put a SKS server into recv-only mode.

I hope my question make sense.

73 de Jeff

Sks-devel mailing list
[hidden email]