[messaging] twitter and github as key validators [was: Re: key validation rules for today]

Tao Effect contact at taoeffect.com
Tue Sep 9 14:09:00 PDT 2014

On Sep 9, 2014, at 1:09 PM, Tony Arcieri <bascule at gmail.com> wrote:
> If you have your key fingerprint published through many channels, someone concerned with actually verifying your key fingerprint can check them all to ensure they match. If there's a discrepancy, something is probably amiss.
> Perhaps an attacker managed to compromise them all and update your key fingerprints in all locations to confuse a victim into sending the attacker an encrypted message. Sure, it's not a great solution. It's an OK solution, however. Certainly better (from a security, not usability perspective) than TOFU.

I think it's important to remind us who we're dealing with.

The fact that Keybase lookups are done over HTTPS eliminates most malicious actors.

If Keybase pins their cert (do they?), that virtually guarantees the validity of the github and twitter URLs.

The lookup would proceed to those services, to which the keys are not pinned, so the scope widens a bit again, just enough to include the Five Eyes, the host companies themselves (twitter and github), and anyone who hacked them.

What are the capabilities of the Five Eyes?

I think many would agree they are capable of manipulating and/or censoring connections (HTTPS or not) in an automated fashion, but with some difficulty (and non-zero possibility of detection). That implies that most keys returned from Keybase would be accurate, but for a small fraction they might not be.

I'd summarize the quality of service Keybase provides like so:

- For 99% of cases, it does a great job.
- For maybe <1%, it could provide false answers.
- There is the possibility of DoS / censorship (given that it is a centralized service) for everyone.

> Short of things like Google's proposed CT-alike for E2E looking for dishonest Key Directories, I'm not sure how you do better.

OpenBazaar has plans to do public key lookups for pseudonyms in Namecoin via DNSChain:


That has the advantage of virtually guaranteeing correct responses, and the decentralized nature makes it mostly invulnerable to DoS and censorship.

- Greg

Please do not email me anything that you are not comfortable also sharing with the NSA.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20140909/14ba7868/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20140909/14ba7868/attachment.sig>

More information about the Messaging mailing list