From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1UcKAF-0002f7-Tx for bitcoin-development@lists.sourceforge.net; Tue, 14 May 2013 18:41:31 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of petertodd.org designates 62.13.148.96 as permitted sender) client-ip=62.13.148.96; envelope-from=pete@petertodd.org; helo=outmail148096.authsmtp.net; Received: from outmail148096.authsmtp.net ([62.13.148.96]) by sog-mx-4.v43.ch3.sourceforge.com with esmtp (Exim 4.76) id 1UcKAE-0002S8-5t for bitcoin-development@lists.sourceforge.net; Tue, 14 May 2013 18:41:31 +0000 Received: from mail-c235.authsmtp.com (mail-c235.authsmtp.com [62.13.128.235]) by punt9.authsmtp.com (8.14.2/8.14.2/Kp) with ESMTP id r4EIfNwP085676 for ; Tue, 14 May 2013 19:41:23 +0100 (BST) Received: from petertodd.org (petertodd.org [174.129.28.249]) (authenticated bits=128) by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id r4EIfKiB098789 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO) for ; Tue, 14 May 2013 19:41:22 +0100 (BST) Date: Tue, 14 May 2013 14:41:20 -0400 From: Peter Todd To: bitcoin-development@lists.sourceforge.net Message-ID: <20130514184120.GB18341@petertodd.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="TakKZr9L6Hm6aLOc" Content-Disposition: inline User-Agent: Mutt/1.5.21 (2010-09-15) X-Server-Quench: e01eaea0-bcc5-11e2-b5c5-002590a15da7 X-AuthReport-Spam: If SPAM / abuse - report it at: http://www.authsmtp.com/abuse X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVJwpGK10IU0Fd P1hXKl1LNVAaWXld WiVPGEoXDxgzCjYj NEgGOBsDNw4AXgF1 LRkAXVBSFQZ4ABUL Ah8UUBs8dgJCZn9y bFhgVm5ZWE1lcE56 XU8aV2lzHDEbMRIf WUhffwoadQpNfFEQ alEqBSZcYXhVNSll WlZqMmp0N2hUdWEN GltQfAobGBsHF2Eq bREeFjIuGxddHn57 FAQrI10RBl1DemQ0 Ol88VV9QIhgPEEVm MHkFDi5fKFQbXzAq Cx8SXEhWATpAW29H BhwkLwQg X-Authentic-SMTP: 61633532353630.1023:706 X-AuthFastPath: 0 (Was 255) X-AuthSMTP-Origin: 174.129.28.249/587 X-AuthVirus-Status: No virus detected - but ensure you scan with your own anti-virus system. X-Spam-Score: -1.5 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain -0.0 SPF_PASS SPF: sender matches SPF record X-Headers-End: 1UcKAE-0002S8-5t Subject: [Bitcoin-development] Bitcoin2013 Speakers: Include your PGP fingerprint in your slides X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 May 2013 18:41:32 -0000 --TakKZr9L6Hm6aLOc Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable report: https://bitcointalk.org/index.php?topic=3D205349.0 Every talk will be widely witnessed and videotaped so we can get some reasonably good security by simply putting out PGP fingerprints in our slides. Yeah, some fancy attacker could change the videos after the fact, but the talks themselves will have wide audiences and a lot of opportunities for fraud to be discovered. That means it'd also be reasonable for people to sign those keys too if you are present and are convinced you aren't looking at some impostor. (of course, presenters, check that your PGP fingerprints are correct...) Remember that PGP depends on the web-of-trust. No single measure in a web-of-trust is needs to be absolutely perfect; it's the sum of the verifications that matter. I don't think it matters much if you have, say, seen Jeff Garzik's drivers license as much as it matters that you have seen him in a public place with dozens of witnesses that would recognize him and call out any attempt at fraud. Secondly remember that many of us are working on software where an attacker can steal from huge numbers of users at once if they manage to sneak some wallet stealing code in. We need better code signing practices, but they don't help without some way of being sure the keys signing the code are valid. SSL and certificate authorities have advantages, and so does the PGP WoT, so use both. FWIW I take this stuff pretty seriously myself. I generated my key securely in the first place, I use a hardware smartcard to store my PGP key, and I keep the master signing key - the key with the ability to sign other keys - separate from my day-to-day signing subkeys. I also PGP sign emails regularly, which means anyone can get a decent idea of if they have the right key by looking at bitcoin-development mailing list archives and checking the signatures. A truly dedicated attacker could probably sign something without my knowledge, but I've certainly raised the bar. --=20 'peter'[:-1]@petertodd.org 000000000000016be577c0f0ce4c04a05fdbfc8e0b6f69053659f32aeea3a518 --TakKZr9L6Hm6aLOc Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iEYEARECAAYFAlGShVAACgkQpEFN739thox6YACeJ3TJE6LRJme/kLYsv1PPd80m USQAnAwd3YbinmkZtt0Yl7d4QAl8hF/N =FDvp -----END PGP SIGNATURE----- --TakKZr9L6Hm6aLOc--