New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Keys security #97
Comments
I wonder why we can't just encrypt messages with a user's public key such that only they can decrypt it with their private key. That way, no one needs to share the private key. |
It's definitely a problem. I'd consider it the greatest barrier to adoption. While we do need better security around private keys, I'd argue it's critical that we have a way of rotating keys when a private key is inevitably compromised. (It appears that may have happened to a lot of users just this week.) If we don't have a mechanism for replacing our compromised private keys, people will get fed up and stop using it. Here's my current thinking on a set of NIPs that could help solve this. #45 (comment) |
this is by far the most difficult aspect, keeping the key for long term without risk of compromission. This is a long hanging fruit since the birth of pgp. A good reading about it here: |
I suggest master-signing private keys mechanism. Master public key represents User id, and user can use different signing private key at different client. |
Any private key can be lost. Some kind of Real Name service is necessary. Real Name service will declare that a new public key is inheriting old public key. Clients can choose which Real Name service to trust. |
Nice try, fed. |
Having a key compromised does not stop you from using it. A user can then post their new public key and make a case for why they are the initial key holder and not an impersonator. There should be a feature in the protocol whereby a user can mark themselves as compromised, so that their subscribers will be alerted by the client software that they need to figure out which new public key is the right one through either being convinced by a message or out of band. |
The fact that anyone can make a client and request user's private keys is a big security risk. If we have 10s of clients there's a chance at least one of them will get compromised.
Not sure if there's already a solution for this.
How about we link keys?
A user can generate new private keys on every client instead of sharing the same key, link the public key to other public keys that they have that way one user can have multiple keys but same identity. When one key is compromised they can simply use other keys to delete the compromised one.
Just a thought, not sure if this is possible in the current implementation or not, I'm still reading through trying to understand it fully. Any ideas are welcome.
The text was updated successfully, but these errors were encountered: