OpenPGP: could an old hand critique my first public key?

FreeBSD Friends,

I've been working through PGP & GPG by Michael W. Lucas, using GnuPG 2.1.19 on FreeBSD 11.0-RELEASE amd64.

I made my first keypair today. Before I send my public key to a keyserver, I'd like to feel more confident that it makes sense and reflects modern best practices.

Would an OpenPGP old hand be willing to take a gander at my public key, and offer guidance?

My public key as yielded by gpg --export
My public key as yielded by gpg --armor --export

I'm especially curious about whether the photo I included in my public key's conventional; this feature's mentioned in the book, yet I'm not sure how often people actually do this.

Thank you so much!
 
Keep in mind that this is roughly my personal opinion only, and to make matters worse I have no clue at all about the book you referred to ;) I can say that I've been using PGP since 1998 or something. I'm not trying to claim that I know everything, but I have seen and experienced a lot ;)

I made my first keypair today. Before I send my public key to a keyserver, I'd like to feel more confident that it makes sense and reflects modern best practices.

Would an OpenPGP old hand be willing to take a gander at my public key, and offer guidance?
So, first thing, I wouldn't use a key which has an very short expiration date. Yours is only valid for one year, and that's really not much time. Of course this heavily depends on how you want to use your key, as is the case with most GPG related things.

But common practice is basically to set up a key which is valid for several years if not simply forever. If you want to build up a web of trust then that will take time. It would be annoying if you'd have to start all over again after one year or so.

Theoretical situation: 11,5 months from now you've noticed that I'm a GPG user and for whatever reason we swap keys. I've been a little picky with "just" trusting yours so we decided to share both e-mail as well as phone numbers, we contacted each other and that made me decide to sign our key.

And then your key expires. So one month afterwards you come knocking at my doorstep again. "Can we swap again?". No offense intended, but do you really think I would still consider you reliable if I had just went over all the trouble to verify and eventually sign your key, and 1 month later you want me to do it all over again? Errrr, no ;-)

So... Once you've set up a longer lasting key also be sure to create a so called revocation key, and keep that secured! You'd be looking at (for example): gpg -o revoke.asc --gen-revoke <your name>. The reason why you need to keep this highly secured is because anyone would be able to revoke your key using this bit of code.

That may sound a bit odd at first (why take such risks?) but just think of this as your last line of defense. If, for whatever reason, your key becomes inaccessible to you (because you forgot the password for example) then you'd normally have an issue on your hands. In order to revoke it you'd need the password, but the reason you'd want to revoke it in the first place is the loss of your password. That's where the revocation key comes into play.

Next, the photo... Adding one is not bad practice (not at all) but it can limit the amount of keyservers you can use. Not every keyserver accepts such keys, which can seriously limit your choices. This doesn't have to be an issue if you simply pick a specific keyserver and tell everyone you work with to do the same thing. Easy.

Yet it can become tricky if your goal is to be as much accessible as possible. If that's the main goal then I personally wouldn't bother with a picture at all. Chances are high that many GPG users out there wouldn't even be able to access / display it in the first place, depending where they'd use and/or store it of course. Still, generally speaking a picture is more than often not much more but extra weight. Your key gets larger and basically for little reason.

Hmm, tips and tricks... Some random thoughts...
  • If you plan on being serious about trust and all that then honor your chain of trust and don't blindly slap an ultimate trust on every random key you get. The web of trust was made for a reason.
  • Always keep in mind that tools don't generate extra security, it's users who do.
  • Think it over before you upload a key to a keyserver. Once it has been uploaded then it's pretty much impossible to ever remove it again. Most keyservers will even retain keys after they have long been expired and/or been revoked.
  • Never assume that everyone else can do the same stuff as you can (or as easily). One example being is of course the picture which not every GPG client software can manage, but there are also users out there who would consider it a sin to "simply" delete a key (or (key) signature). Personally I don't always agree with that line of reasoning but... keep point 2 in mind. If that works for them...
  • Back up your keys, and keep that somewhere safe.
From the back of my mind here... Hope this can help.
 
ShelLuser, thanks so much for your generous reply!
Keep in mind that this is roughly my personal opinion only, and to make matters worse I have no clue at all about the book you referred to ;) I can say that I've been using PGP since 1998 or something. I'm not trying to claim that I know everything, but I have seen and experienced a lot ;)

Thank you! Being a user of it since '98 must indeed qualify you as an old hand with it.
So, first thing, I wouldn't use a key which has an very short expiration date. Yours is only valid for one year, and that's really not much time. Of course this heavily depends on how you want to use your key, as is the case with most GPG related things.

But common practice is basically to set up a key which is valid for several years if not simply forever. If you want to build up a web of trust then that will take time. It would be annoying if you'd have to start all over again after one year or so.

Theoretical situation: 11,5 months from now you've noticed that I'm a GPG user and for whatever reason we swap keys. I've been a little picky with "just" trusting yours so we decided to share both e-mail as well as phone numbers, we contacted each other and that made me decide to sign our key.

And then your key expires. So one month afterwards you come knocking at my doorstep again. "Can we swap again?". No offense intended, but do you really think I would still consider you reliable if I had just went over all the trouble to verify and eventually sign your key, and 1 month later you want me to do it all over again? Errrr, no ;-)

Thank you for this.

The one-year expiration's a recommendation in the book, for first-time users. I think the idea's that a first-timer's likely to make naive keypair choices that they'll soon regret. Yet perhaps reviews of my attempt by old hands like yourself, in this thread, will give me enough assurance to safely bypass those training wheels.

I just found the related part of the book, so I'll share what I've read directly. In PGP & GPG, Michael W. Lucas says on page 33:
Michael W. Lucas said:
The expiration date of a keypair is a matter of discussion among OpenPGP experts. Having a key expire regularly provides a certain level of additional convenience for your future self; if you have your nonexpiring keypair on a CD-ROM, and someone finds that disk in 2038, they can still use that keypair to pretend to be you. If your key expires regularly, you will need to generate a new key ever few years and distribute it amongst your correspondents.

As a new OpenPGP user, however, you will probably find things that you wish you had done differently with your key before too long. If your key lasts forever, it will be more difficult to get rid of. You can probably have subsequent keys expire every two to five years, but you want to be able to bail out of any teething problems quickly. (Although I've done my best to guide you through any potential problems, some of you will find uses for OpenPGP that I'd never expect!)

Perhaps the most common problem with a nonexpiring key is that when an old key is used to contact someone who no longer has the keypair, they can't read the email. If I had publicized a nonexpiring PGP key when I first gave PGP a try back in 1995, that key would still be available via Google and other websites. Chances are, today I would have had to scrounge hard to dig up the software to read a message encrypted with that key. And in 2015, I would have serious difficulty opening that message, but the key would still be cached for the world at large to view, and no matter how hard I worked to publicize an update expiring key, people would keep tripping over the old one!

The moral of this story is: Expire your keys regularly!

Though these ideas make sense to me, I too kept thinking, while reading, "am I really going to pesker people to re-sign my public key that frequently?"
So... Once you've set up a longer lasting key also be sure to create a so called revocation key, and keep that secured! You'd be looking at (for example): gpg -o revoke.asc --gen-revoke <your name>. The reason why you need to keep this highly secured is because anyone would be able to revoke your key using this bit of code.

That may sound a bit odd at first (why take such risks?) but just think of this as your last line of defense. If, for whatever reason, your key becomes inaccessible to you (because you forgot the password for example) then you'd normally have an issue on your hands. In order to revoke it you'd need the password, but the reason you'd want to revoke it in the first place is the loss of your password. That's where the revocation key comes into play.

Thank you. I didn't know that it was possible to revoke a key without a revocation certificate, so long as the private key's passphrase is remembered; this helps me to get a feel for the benefits of that certificate.

I also noticed that GnuPG makes one automatically now, when making a new keypair.
Next, the photo... Adding one is not bad practice (not at all) but it can limit the amount of keyservers you can use. Not every keyserver accepts such keys, which can seriously limit your choices. This doesn't have to be an issue if you simply pick a specific keyserver and tell everyone you work with to do the same thing. Easy.

Yet it can become tricky if your goal is to be as much accessible as possible. If that's the main goal then I personally wouldn't bother with a picture at all. Chances are high that many GPG users out there wouldn't even be able to access / display it in the first place, depending where they'd use and/or store it of course. Still, generally speaking a picture is more than often not much more but extra weight. Your key gets larger and basically for little reason.

'excellent advice; thank you so much. As an OpenPGP newcomer, there's no way I could have known this if not for your help.

When you say that some keyservers don't like keys with photos, does that mean that they only reject manual upload attempts ( --send-keys with GnuPG), or that they also reject keyserver<->keyserver replication of these keys?

If using a photo is going to cause inter-keyserver replication to sometimes fail, it does seem good to avoid it.
Hmm, tips and tricks... Some random thoughts...
If you plan on being serious about trust and all that then honor your chain of trust and don't blindly slap an ultimate trust on every random key you get. The web of trust was made for a reason.

OK, thank you.
Always keep in mind that tools don't generate extra security, it's users who do.

Yeah, there is so much to think about; I've found it daunting to get started with, but the book and your guidance are helping tremendously.
Think it over before you upload a key to a keyserver. Once it has been uploaded then it's pretty much impossible to ever remove it again. Most keyservers will even retain keys after they have long been expired and/or been revoked.

Fascinating, thanks. When a keyserver retains a key that's been revoked, does it indicate to end users in any way that it's a revoked key?
Never assume that everyone else can do the same stuff as you can (or as easily). One example being is of course the picture which not every GPG client software can manage, but there are also users out there who would consider it a sin to "simply" delete a key (or (key) signature). Personally I don't always agree with that line of reasoning but... keep point 2 in mind. If that works for them...

Does this mean that my photo-bearing key could be irritating for some people to deal with, yet they'd often feel compelled to figure it out instead of discarding my mail, thus deepening their frustration? I'm sorry; I may have failed to understand this point correctly (thick skull here Friend).

ShelLuser, it was very kind of you to scrutinize my key and share your thoughts. I really appreciate your help. Thank you!
 
ShelLuser, thanks so much for your generous reply!

Thank you! Being a user of it since '98 must indeed qualify you as an old hand with it.
I'd like to think so. Of course that could have had nasty side-effects as well. For all we knew I could have been fully stuck on my trusty commandline and used that for pretty much everything these days ;)

Though these ideas make sense to me, I too kept thinking, while reading, "am I really going to pesker people to re-sign my public key that frequently?"
Exactly. Generally speaking it's usually best to pick up hints and such as just that: hints. Don't follow advice as if that's the best way (or only way) to do something. Pick it up as an advice, and use that to influence your own decisions on this. As I mentioned in my previous post: security begins with you and what you do, not some set of rules you're following.

When you say that some keyservers don't like keys with photos, does that mean that they only reject manual upload attempts ( --send-keys with GnuPG), or that they also reject keyserver<->keyserver replication of these keys?
Both. So they won't accept such keys from yourself, but also refuse to get these with other servers. So effectively hindering the availability of your key(s).

My personal take is simple: some servers refuse keys with photo's in them, but not the other way around. So servers which do allow usage if images also host regular keys. As such in the end you're somewhat limiting yourself.

Fascinating, thanks. When a keyserver retains a key that's been revoked, does it indicate to end users in any way that it's a revoked key?
No, GPG itself does that for you. Keyservers are generally pretty braindead services; they allow the uploading & downloading of keys (configurable) but that's about all they do. A keyserver is basically a crude webserver, it uses the HTTP protocol to send its data across.

Does this mean that my photo-bearing key could be irritating for some people to deal with, yet they'd often feel compelled to figure it out instead of discarding my mail, thus deepening their frustration?
Nah. Unless those people are hosting their stuff on a small device then the size might bother them but even that remains to be seen with smartphones which nowadays easily provide several gigabytes worth of storage. You won't necessarily hinder or bother people with this. Not at all.

The main issue is basically those keyservers. If you do use a picture of some sort then it is possible that you'll be limiting your keys availability. But things stop there.

And as hinted at earlier: even that doesn't have to be a bad thing. If you spread your key around you can simply point people to it. Heck, that's how I got your current key in the first place ;)

Anyway, I'm happy to hear that this could help you get started, my pleasure to help really. And don't worry about the questions and all, I can very well understand that things can seem difficult and maybe overwhelming at first, especially because there's tons of stuff which you can configure and set up. But trust me: It'll become easier over time :)
 
Back
Top