[Mageia-sysadm] [814] - add a module to generate gnupg key ( similar to the one for openssl

Michael Scherer misc at zarb.org
Mon Jan 17 18:07:44 CET 2011


On Monday 17 January 2011 at 16:35 +0000, Pascal Terjan wrote:
> On Mon, Jan 17, 2011 at 16:23, Michael Scherer <misc at zarb.org> wrote:
> > On Monday 17 January 2011 at 16:24 +0100, root at mageia.org wrote:
> >> Revision: 814
> >> Author:   misc
> >> Date:     2011-01-17 16:24:10 +0100 (Mon, 17 Jan 2011)
> >> Log Message:
> >> -----------
> >> - add a module to generate gnupg key ( similar to the one for openssl
> >>   certs )
> >
> > Ok so now we have the command to generate a key, I propose to ... generate
> > a key ( we can also party, if we prefer ).
>
> Or both

Yeah \o/

First drink, then commit?

> > According to http://www.awe.com/mark/blog/200701300906.html , RH uses a
> > master key that signs the release keys. So doing it like this would allow us
> > to ask for the master key to be signed, we can renew it when needed, and we
> > use it to sign the release key. ( RH also has an HSM for that :
> > http://iss.thalesgroup.com/en/Products/Hardware%20Security%
> > 20Modules/nShield%20Solo.aspx , but there is no price tag. If someone by
> > chance knows some Thales insider, it would be interesting to have more
> > information ).
> 
> Ah that's close to what I was suggesting :)
> Storing it on something like https://store.ironkey.com/personal would
> make sense (hardware encryption; if you try n times (5 or 10 I think)
> to unlock with the wrong passphrase, the data is destroyed by the hardware)

That doesn't fight against the same threat.

The RH solution prevents theft of the key. This one prevents brute force of
the key.

But that could be a part of the solution. We put the master key on that,
we send it to the president, we store a backup protected by Shamir
secret sharing ( http://en.wikipedia.org/wiki/Shamir's_Secret_Sharing ),
given to various people ( like to the 9 admins, with a threshold of 4 or
5 ), so if the president loses the password (*khof*) and destroys the key,
we can still get it.

I guess we should list the threats we will be facing before deciding on a
definite scheme.

-- 
Michael Scherer
