Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Addon: Split GPG using GPG v2.1 architecture #474

Closed
marmarek opened this issue Mar 8, 2015 · 27 comments
Closed

Addon: Split GPG using GPG v2.1 architecture #474

marmarek opened this issue Mar 8, 2015 · 27 comments
Assignees
@marmarek
Labels
C: other P: major Priority: major. Between "default" and "critical" in severity. release notes This issue should be mentioned in the release notes. T: enhancement Type: enhancement. A new feature that does not yet exist or improvement of existing functionality.
Projects
Qubes R4.1-rc4

Comments

@marmarek
Copy link
Member

marmarek commented Mar 8, 2015
edited by andrewdavidwong

Reported by joanna on 8 Mar 2012 16:01 UTC
None

Migrated-From: https://wiki.qubes-os.org/ticket/474
@marmarek marmarek added this to the Release 2 milestone Mar 8, 2015
@marmarek marmarek added T: bug Type: bug report. A problem or defect resulting in unintended behavior in something that exists. C: core P: major Priority: major. Between "default" and "critical" in severity. labels Mar 8, 2015
@marmarek
Copy link
Member Author

marmarek commented Mar 8, 2015

Comment by joanna on 31 Mar 2012 12:13 UTC
http://lists.gnupg.org/pipermail/gnupg-devel/2012-February/026573.html

@marmarek
Copy link
Member Author

marmarek commented Mar 8, 2015

Modified by joanna on 8 Oct 2012 09:22 UTC

@marmarek marmarek modified the milestones: Release 2 Beta 2, Release 2 Mar 8, 2015
@marmarek
Copy link
Member Author

marmarek commented Mar 8, 2015

Modified by joanna on 2 Nov 2012 14:23 UTC

@marmarek marmarek added T: enhancement Type: enhancement. A new feature that does not yet exist or improvement of existing functionality. and removed T: bug Type: bug report. A problem or defect resulting in unintended behavior in something that exists. labels Mar 8, 2015
@marmarek
Copy link
Member Author

marmarek commented Mar 8, 2015

Modified by joanna on 8 Feb 2013 12:57 UTC

@marmarek
Copy link
Member Author

marmarek commented Mar 8, 2015

Modified by joanna on 24 Feb 2013 15:29 UTC

@marmarek marmarek added P: minor Priority: minor. The lowest priority, below "default." and removed P: major Priority: major. Between "default" and "critical" in severity. labels Mar 8, 2015
@marmarek marmarek changed the title Split GPG using GPG v2.1 arhictecture Addon: Split GPG using GPG v2.1 arhictecture Mar 8, 2015
@marmarek
Copy link
Member Author

marmarek commented Mar 8, 2015

Comment by abel on 12 Mar 2013 09:51 UTC
I've investigated this a bit more and here are my findings.

  1. This is blocking on a release of Gnupg 2.1, and possibly subsequent distro packaging

    I've been using the gnupg 2.1 git branch for some time as part of my Android porting work, and it is quite stable. It is up to the Qubes devs if this issue is important enough to consider compiling a gnupg 2.1 package from source.

  2. Version 2.1 is necessary due to fundamental changes in the way gpg2 and gpg-agent work

    In the 2.1 series, gpg-agent will be the sole holder of all public+private key material, and the gpg2 client will merely interface with gpg-agent over a UNIX domain socket.

  3. The socat utility will let us bridge gpg-agent and gpg2 over the Qubes rpc system

    At Marek's suggestion I investigated socat as a way to proxy the gpg2<->gpg-agent domain socket connection through Qubes' RPC. If I have more time I'll setup a working example between two VMs running hot'n'fresh 2.1.

@marmarek
Copy link
Member Author

marmarek commented Mar 8, 2015

Modified by joanna on 12 Mar 2013 10:29 UTC

@marmarek marmarek added P: major Priority: major. Between "default" and "critical" in severity. and removed P: minor Priority: minor. The lowest priority, below "default." labels Mar 8, 2015
@marmarek
Copy link
Member Author

marmarek commented Mar 8, 2015

Comment by joanna on 12 Mar 2013 10:35 UTC
I don't think it would be a problem to keep GPGv2.1 e.g. as a subrepo of gpg-split.git.

However, what I don't like in your description above is that you wrote: "gpg-agent will be the sole holder of all public+private key material". The fundamental problem with current implementation is that one needs to import public keys (untrusted files!) into the secure vault where gpg backend is running. And this is what we want to get rid of, and my mail to gunpg-devel, referenced above, was exactly about how to achieve that. Now, when you say that gpg-agent is maintaing both secret and public keys, I don't see how we can gain anything from v2.1? And this seems contradictory to Werner Koch wrote in this thread: "GnuPG-2 has been designed to separate private key and public key operations.". Also note that he mentiones v2, not v2.1...

@marmarek
Copy link
Member Author

marmarek commented Mar 8, 2015

Modified by Nukama on 4 May 2013 16:06 UTC

@marmarek marmarek changed the title Addon: Split GPG using GPG v2.1 arhictecture Addon: Split GPG using GPG v2.1 architecture Mar 8, 2015
@marmarek
Copy link
Member Author

marmarek commented Mar 8, 2015

Modified by joanna on 1 Aug 2013 11:56 UTC

@marmarek marmarek modified the milestones: Release 3, Release 2 Beta 3 Mar 8, 2015
@marmarek
Copy link
Member Author

marmarek commented Mar 8, 2015

Modified by joanna on 20 Apr 2014 17:02 UTC

@andrewdavidwong
Copy link
Member

I took over development to migrate it to python: HW42/qubes-app-linux-split-gpg2#6

Ok, thanks. I'll update this issue accordingly.

@andrewdavidwong andrewdavidwong assigned marmarek and unassigned HW42 Jun 9, 2019
@andrewdavidwong andrewdavidwong removed the S: needs review Status: needs review. Core devs must review contributed code for potential inclusion in Qubes OS. label Jun 9, 2019
@marmarek marmarek mentioned this issue Jun 13, 2019
Closed
@marmarek marmarek mentioned this issue Jun 23, 2021
Open
@marmarek marmarek added this to To do in Qubes R4.1-rc4 via automation Sep 4, 2021
@mfc mfc added the release notes This issue should be mentioned in the release notes. label Jan 6, 2022
@mfc
Copy link
Member

mfc commented Jan 6, 2022

i'd recommend adding this to the release notes since it's notable (assuming it is making it to R4.1-rc4)

marmarek added a commit to marmarek/qubes-builder that referenced this issue May 6, 2022
@marmarek
Include split-gpg2 in components
5a0fdd5 
QubesOS/qubes-issues#474
marmarek added a commit to marmarek/qubes-app-linux-split-gpg2 that referenced this issue Jun 30, 2022
@marmarek
Use stricter config file
77f56ab 
Change config file to an INI-like format. This allows sections for
separate clients, without writing conditional code in bash.

To preserve useful example from the old format, implement
'isolated_gnupghome_dirs directly in python.

While at it, abandon using config file on the client side at all, and
hardcode qrexec target to '@default'. This moves chosing the server vm
to the qrexec policy.

The new format allows more values for 'autoaccept' - besides just
timeout, allow also 'yes' (always skip confirmation) and 'no' (always
ask).

QubesOS/qubes-issues#474
marmarek added a commit to marmarek/qubes-app-linux-split-gpg2 that referenced this issue Jun 30, 2022
@marmarek
Use stricter config file
1dcebd3 
Change config file to an INI-like format. This allows sections for
separate clients, without writing conditional code in bash.

To preserve useful example from the old format, implement
'isolated_gnupghome_dirs directly in python.

While at it, abandon using config file on the client side at all, and
hardcode qrexec target to '@default'. This moves chosing the server vm
to the qrexec policy.

The new format allows more values for 'autoaccept' - besides just
timeout, allow also 'yes' (always skip confirmation) and 'no' (always
ask).

QubesOS/qubes-issues#474
marmarek added a commit to marmarek/qubes-app-linux-split-gpg2 that referenced this issue Jun 30, 2022
@marmarek
Use stricter config file
8eb47ef 
Change config file to an INI-like format. This allows sections for
separate clients, without writing conditional code in bash.

To preserve useful example from the old format, implement
'isolated_gnupghome_dirs directly in python.

While at it, abandon using config file on the client side at all, and
hardcode qrexec target to '@default'. This moves chosing the server vm
to the qrexec policy.

The new format allows more values for 'autoaccept' - besides just
timeout, allow also 'yes' (always skip confirmation) and 'no' (always
ask).

QubesOS/qubes-issues#474
marmarek added a commit to marmarek/qubes-app-linux-split-gpg2 that referenced this issue Jun 30, 2022
@marmarek
Use stricter config file
05331a5 
Change config file to an INI-like format. This allows sections for
separate clients, without writing conditional code in bash.

To preserve useful example from the old format, implement
'isolated_gnupghome_dirs directly in python.

While at it, abandon using config file on the client side at all, and
hardcode qrexec target to '@default'. This moves chosing the server vm
to the qrexec policy.

The new format allows more values for 'autoaccept' - besides just
timeout, allow also 'yes' (always skip confirmation) and 'no' (always
ask).

QubesOS/qubes-issues#474
This was referenced Feb 27, 2023
Closed
Closed
@andrewdavidwong andrewdavidwong removed this from the Release 4.2 milestone Aug 13, 2023
@qubesos-bot qubesos-bot mentioned this issue Sep 15, 2023
Closed
marmarek added a commit to QubesOS/qubes-builder that referenced this issue Sep 18, 2023
@marmarek
example-configs: include split-gpg2 in R4.1 too
b5c6d09 
QubesOS/qubes-issues#474
marmarek added a commit to QubesOS/qubes-builder that referenced this issue Sep 18, 2023
@marmarek
example-configs: set branch for split-gpg2
3737a43 
QubesOS/qubes-issues#474
@qubesos-bot qubesos-bot mentioned this issue Sep 18, 2023
Closed
@DemiMarie
Copy link

split-gpg2 is now shipping, this can be closed.

@qubesos-bot qubesos-bot mentioned this issue Jan 7, 2024
Closed
@qubesos-bot qubesos-bot mentioned this issue Feb 5, 2024
Closed
@qubesos-bot qubesos-bot mentioned this issue Apr 18, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@marmarek marmarek

Labels
C: other P: major Priority: major. Between "default" and "critical" in severity. release notes This issue should be mentioned in the release notes. T: enhancement Type: enhancement. A new feature that does not yet exist or improvement of existing functionality.
Projects
No open projects
Qubes R4.1-rc4
  
To do
Milestone
No milestone
Development

No branches or pull requests
7 participants
@marmarek @mfc @Vfreeze31 @DemiMarie @rootkovska @andrewdavidwong @HW42