manage first-party attestations
Open, HighPublic

Description

It would be great if GnuPG could manage first-party attestations of third-party certifications.

Below is a proposal for how the UI/API of GnuPG might enable this:

Retaining Attestation Key Signatures

GnuPG should retain the most recent cryptographically-valid self-signed Attestation Key Signatures it sees for each <Key,UserID> pairing. It should discard all superseded Attestation Key Signatures.

If the "most recent" Attestation Key Signature timestamp is shared by multiple Attestation Key Signatures, GnuPG should retain all of them.

Viewing Attestations

For end-user-facing views, I see two alternatives:

  • gpg --check-sigs could display whether a given certification is attested to, the same way that it shows (for example) L for "local" (non-exportable) certifications. The flag A could be used to mean "attested to". This is a bit tricky given the current implementation, because it means generating the output line based on information that is not internal to the certification.

or:

  • --list-options could grow a new parameter, show-unattested-sigs, which defaults to on. If the user wants to only see the attested sigs, they can use --list-options no-show-unattested-sigs.

A drawback to both of these proposals is that they don't offer the user a way to see attestations about certifications that the local installation knows nothing about. I'm not sure what the right way to do that is -- perhaps it doesn't matter? I could imagine something like gpg --list-unknown-attestations which would produce a list of digests, but that doesn't seem particularly meaningful or useful.

Manipulating Attestations

GnuPG doesn't have a standard way to identify individual certifications, and probably shouldn't try to build one only for this purpose. Instead, we offer the user a reasonable interface for doing sensible operations. Advanced users who need more sophisticated targeting can make do with a combination of these commands with "--edit-key delsig", but they are not the target users.

Adding Attestations

gpg --quick-add-attestations [--include-historic] <user-id> [<signer-id> …]

<user-id> can be either a UserID-matching string or a fingerprint, used to identify a set of certificates from those whose secret primary key we have access to. If <user-id> is a UserID-matching string, then the "subjects" are only the matched User ID(s) from those certificate(s). If <user-id> is a fingerprint, then the "subjects" are every User ID associated with the given primary key.

Each <signer-id> can be either a User ID matching string, or a fingerprint, used to identify a third-party whose certifications we want to attest to. The "third-parties" are the set of primary keys which match <signer-id>. Note that there can be multiple <signer-id>s. If there is more than one, then the "third-parties" are the union of all matching primary keys. if <signer-id> is "*", then the "third-parties" are all possible primary keys.

For each "subject", then:

  • GnuPG assembles a list of certifications over the User IDs made by any of the "third-parties" (primary keys). This is the pool of new proposed attestations for this subject.
  • Unless "--include-historic" was given, GnuPG removes from the pool all but the most recent certification from each third-party.
  • GnuPG then calculates the digests of all certifications in the pool, yielding a proposed set of digests.
  • GnuPG then takes the set of digests in the most recent Attestation Key Signature over the "subject" (or the empty set, if no AKS exists for "subject"), and inserts this pre-existing set into the proposed set.
  • if the resulting proposed set is identical to the pre-existing set, then there is nothing to do, and GnuPG can terminate.
  • Otherwise, GnuPG then makes a new Attestation Key Signature over the subject, covering exactly the members of the proposed set.

Removing Attestations

gpg --quick-remove-attestations [--remove-unknown] [--remove-historic] <user-id> [<signer-id> …]

<user-id> and <signer-id> match to select "subjects" and "third-parties" the same way as --quick-add-attestation, but what GnuPG does with them is different. For each "subject":

  • GnuPG takes the set of digests in the most recent Attestation Key Signature over the "subject" (or the empty set, if no AKS exists). We populate the proposed set of digests to retain from this pre-existing set of digests.
  • We take all digests that GnuPG can associate with specific certifications, and we group those certifications by issuer. For each issuer:
    • If the issuer is one of the "third-parties", remove all associated digests from the proposed set.
    • Otherwise, if more than one certification is in the set for this issuer, and "--remove-historic" was given, remove from the proposed set the digests of all but the most recent certifications.
  • If "--remove-unknown" was given, remove all digests from the proposed set that GnuPG cannot associate with a certification (typically, because it doesn't know about the certification).
  • If the proposed set is identical to the pre-existing set, there is nothing to do, and GnuPG can terminate.
  • Otherwise, GnuPG makes a new Attestation Key Signature over the subject, covering exactly the members of the proposed set.
dkg created this task.Sun, Sep 1, 1:45 PM
werner triaged this task as High priority.Sun, Sep 1, 7:30 PM
werner claimed this task.Thu, Sep 5, 6:33 PM
werner added a subscriber: werner.

Thanks for the detailed implemention plan. For the include-historic et al things it might be better to make use of the filter-syntax. I am not sure what is bets but that get clearer during coding. First step will be to add a parser and to silence 2.2 about this. I can imagine to later backport some basic functionality to 2.2

stm added a subscriber: stm.Sun, Sep 8, 12:42 PM

Here is an example containing such a Attestation Signature:

-----BEGIN PGP PUBLIC KEY BLOCK-----

xsJuBF101HcRCACZWUr00rDVrz1gmX2ki2uHc8oMiDT08oHzNr3Ie0Qj0tQ85vrD
VCvo65+1MnzZIkjoqgPwV8FmUBa3ipoeP59KiJLOCBi4UmtFis3YfXFRyNgopNtU
kLm+htUdeOQTvQa/kE4GFICiiIU5dZlgGYwBKTiRxiT2SnJft71tidgw+E8Y5cq+
ZGSCV4Dvi0DLDYOtyXgUUlu7co1MCXlCUwC1Cb+RAaIdIMm0gHnri8uth0MsUa1L
bbNT8xCWZB5BMVeUWJ9ircd3nAlT9EqVtNQj4X1vYsBRseWV+F3AAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAQDtGtzDa7W14Zj/zG+mWcYNCNm6
phZF2OeWknHOUEwQfwgAlLSajwlaw1zTDYj2ec4aif0zjCGZp6CI0j9rAxYd/ODn
+PCqknnpAbjXMHBj+K9Eol9RKeSiYPb1kvEy/tEtlPuxA4uKLyTN4v70g0HZ2kx8
nwE1nelMSLQMOrBDBb3v3MF16j7jad5h8itpdr9HYHbSpjU05h0ph1UGWiDf6BBN
gU94EYDvAImHjRczZ1iUUsaeWKyNdUh69CvDwrqojwqUXBff6uS/Vvnl6S69H1R8
fGv0GiEuCUsMQG8q/rIDjB8u5K8hMaB0Lli1SkoAyysGii4QfCBLFzK7Z5dW3RKQ
SYJXA18BHq2PhfDHLBUd36G1YoserO4SmuzzqDaBLwf/RdGSGoBpSryrndj1wBlO
doWWTLywxs9HPmkbLu095c1m7neq548z2q54daQCBHAftY2gP16j7+EJ9U5wc5+S
BZljF6Obu9KA2NuiPMSfSkmzxRbvCjbMIaZfLnGHACJULYJ+UEjQGpZsxV3VVwPA
K+7pnGSx+lIk3RDoqFgPDyH0xsxKbykjFtP/oh7zbB4x6O4Aa6k1/2D1fHkoJ19w
swNjdHq0Q4ERSDVr/xlnlrnnjZT///bHtgZnNbIWwnYQedlTfw/iZtwpWkDktMiL
qzK83G3uBYaB+H4lYOxtJPlMVzp/SCJ/uxeBHblz2XmtzjeZn3tJ1ZlgSFEoPeny
hc0eVGVzdEdyb3VwWSA8dGVzdGluZ0Bsb2NhbGhvc3Q+wpQEExEIAEYFAl101HgF
CQAAKjADCwkKCRD+Mm755vGqNwQVCgkIAhYBAheAAxsDCAIeAxYhBHX9CTMyydLz
/Kpnqv4ybvnm8ao3AiICAAB1iwEAhbHabPTZS2CFgi2uxWrhmPDFJxzZulspK06K
2VUlbcMA/jULi8l1rGb0rfkuebMq01g59ea7cWxX5XLivpLxtpIfwqgEEBEIAFoF
Al101HsFAwAArKsJEOXyRG+67V21LBpodHRwczovL3NhdmFubmFoLm5vbmdudS5v
cmcvcHJvamVjdHMvZGtncGcvFiEEsCHPs4Pgv25nHO+g5fJEb7rtXbUAAOGkAQDA
ceLVja1rdKu1yc5ROgmuzrgDdWl7b1VFMahny533/QD+P5BMqCs3EWJHWc+nhTuj
MqGchFQmJvB6+x3lFFU8m8nCwCQEFhEKAJYFgl101woJkP4ybvnm8ao3LBpodHRw
czovL3NhdmFubmFoLm5vbmdudS5vcmcvcHJvamVjdHMvZGtncGcvFiEEdf0JMzLJ
0vP8qmeq/jJu+ebxqjdBpaIpIEtosse9N6jas51qq2Iq5z99dM9hzFg4KRj9Rnap
DgkVn4Hue9msvzU+FGwpxwsOwgxvpU8Mp8ok0JFuKWMAAJW0AP9yJIvduZrJDLUp
zNyxPjyk9sRvvWDd/YRQS/w4qwxb+gD/QZtJ8LCaU4QUKwcVtFctRxqZBvG2M7/3
Exn56jAYNTE=
=O9mM
-----END PGP PUBLIC KEY BLOCK-----
georg added a subscriber: georg.Mon, Sep 9, 11:58 PM