GnuPG Mini HOWTO
Scope of this document
This Mini-HOWTO is intended to help debian people converting from using PGP to GnuPG for their work within the Debian Project.
Where is signing done?
- .dsc files are signed
- .changes files are signed
- Mutt is used to read and write mails, partially signed
- Votes are signed
Setting up GnuPG
If you want to continue to use your PGP2/5 keys, you need to enable one of the rsa modules below. Without that you are only able to understand new GnuPG keys while the old ones are left out. You will still have to use software with patent problems then.
You don't have to, but if you're only using GnuPG and new keys your web of trust needs to be rebuilt.
Here is a sample ~/.gnupg/options file.
# Options for GnuPG # # Unless you you specify which option file to use (with the # commandline option "--options filename"), GnuPG uses the # file ~/.gnupg/options by default. # # An option file can contain all long options which are # available in GnuPG. If the first non white space character of # a line is a '#', this line is ignored. Empty lines are also # ignored. # # See the man page for a list of options. # If you have more than 1 secret key in your keyring, you may want # to uncomment the following option and set your preffered keyid # # default-key 621CC013 ## Compatibility options # PGPv2/5 compatibility # force-v3-sigs # rfc1991 # digest-algo md5 # Screw PGP, let's be RFC compatible => openpgp ## These extensions have patents or other issues, these are only # required if you want to use pgp signatures and keys as well. If # you're only using the free and patent-less GnuPG you don't need them. # #load-extension rsaref # Not for use in the States #load-extension rsa # Patented in much of Europe #load-extension idea # Strong patent, only needed for # reading encrypted msg's from pgp 2.x/5.x ## Other fun options escape-from-lines lock-once no-verbose no-greeting ## Keyrings secret-keyring secring.gpg #secret-keyring secring.pgp keyring pubring.gpg #keyring pubring.pgp keyring /usr/share/keyrings/debian-keyring.gpg #keyring /usr/share/keyrings/debian-keyring.pgpSetting up Mutt
The following configuration will switch from PGP to GnuPG as default signing method. There are ways both can coexist, though.
# Adjust the PGP method # set pgp_default_version="gpg" #set pgp_gpg="/usr/bin/gpg" #set pgp_receive_version="gpg" #set pgp_key_version="gpg" #set pgp_send_version="gpg" # Some detailed adjustments #set pgp_sign_as=0xDCF9DAB3 #set pgp_sign_micalg=sha1 #set pgp_strict_enc # use Q-P encoding when needed for PGP # Adjust highlighting of good and bad signatures # color body brightyellow black "^(gpg: )?Good signature" mono body bold "^(gpg: )?Good signature" color body brightwhite red "^(gpg: )?(Bad|BAD) signature from.*" mono body bold "^(gpg: )?(Bad|BAD) signature from.*"Signing .dsc and .changes files
The Debian Installation routine (dinstall) is already prepared to accept GnuPG keys. Your key has to be included in the keyring.gpg, though. If this isn't done yet, send it to the keyring maintainer at keyring-maint@debian.org. If your GnuPG key doesn't have a proper signature, you should sign that mail using your old PGP key, so the keyring maintainer can ensure that he's not adding an intruder's key.
Since GnuPG behaves differently to PGP you need to add a newline to a .dsc file before signing it with GnuPG. The command to sign is »gpg --clearsign foo.dsc«.
The current Upload Queue Daemon also understands GnuPG signed keys.
Building Packages
To use GnuPG with »dpkg-buildpackage« one has to append -pgpg (or . -ppgp) to its commandline. The program will determine the proper calling-style itself. It will also automatically call »gpg« if it detects ~/.gnupg/secring.gpg while ~/.pgp/secring.pgp doesn't exist.
Voting in Debian
The voting software, UseVote, does not yet understand OpenPGP keys.
Why you should not simply re-sign GnuPG keys
Imagine that someone gets your private key and is out to masquerade as you. He generates a new key and sends emails to all the people who signed your old key with a blurb like the following:
Hi! I'm moving to a more secure key using a new algorithm and I'd like it if you could all re-sign my new key.He gets signatures from your unsuspecting friends. Now there are two keys belonging to Martin, signed by a number of trusted people. You discover this and issue a revokation certificate for your old key - however you cannot revoke the key the attacker has created! So there is still a key out there that for all intents and purposes appears to be from you.
The next step to undoing the damage would be to contact the people who signed this key and get them to revoke the signatures they added - however since you just revoked your old key there is no way for them to actually know that it is -you- that is asking this. The only safe way would be for you to physically visit them, show ID, get them to sign a new key and revoke the sig on the bad key.
Even after doing all of this someone would still have to go to a key server and download the revoked signatures before they could be certain that this 'forged' key is not from you.
Compare that to having a private key compromised - all you get there is a few emails you didn't write and a revoked key.
Thus, if not signing a new OpenPGP key with the old PGP key, you have to use a third media to verify that the new key is valid, i.e. a phone, fax or face-to-face meeting.
The RSA patent
RSA holds the patent upon a widely used encryption method. Thus for free software you have to use the liberal library rsaref in the US but not outside of it, and use the rsa library outside of it.
The patent is expired in August 2000.
People from debian-devel, Martin Schulze