|
|
| Previous | Table of Contents | Next |
To exchange PGP Public keys, you exchange PGP keyfiles. A keyfile is similar to a key ring, except that it has no trust information or other bits that might be considered personal or confidential.
When extracting keys from a key ring into a keyfile, PGP will extract exactly one key, or every key, into the keyfile. PGP will extract the first key that matches the userid. For example, Ruth could extract her key using the following command:
~> pgp -kxa tara tara.asc Pretty Good Privacy(tm) 2.6.2 - Public-key encryption for the masses. (c) 1990-1994 Philip Zimmermann, Phil’s Pretty Good Software. 11 Oct 94 Uses the RSAREF(tm) Toolkit, which is copyright RSA Data Security, Inc. Distributed by the Massachusetts Institute of Technology. Export of this software may be restricted by the U.S. government. Current time: 1995/11/21 18:10 GMT Extracting from key ring: ‘/tmp/pubring.pgp’, userid “tara”. Key for user ID: Ruth Thomas <tara@mail.Free.NET> 1024-bit key, Key ID D0C6326D, created 1995/11/14 Transport armor file: tara.asc Key extracted to file ‘tara.asc’.
Ruth now has a file called tara.asc that contains her public key. She can send this key to other people using e-mail, netnews, the keyservers, or any other key distribution mechanism. Sometimes it is useful to extract the whole key ring into a keyfile. For example, a key ring can be extracted to move it from one location to another. To extract the whole key ring into a keyfile, use a null userid, which can be obtained by using two sets of quotes:
~> pgp -kxa “ ” mykeys.asc Pretty Good Privacy(tm) 2.6.2 - Public-key encryption for the masses. (c) 1990-1994 Philip Zimmermann, Phil’s Pretty Good Software. 11 Oct 94 Uses the RSAREF(tm) Toolkit, which is copyright RSA Data Security, Inc. Distributed by the Massachusetts Institute of Technology. Export of this software may be restricted by the U.S. government. Current time: 1995/11/21 18:13 GMT Transport armor file: mykeys.asc Key extracted to file ‘mykeys.asc’.
The file mykeys.asc now contains the full contents of the key ring and can be sent to anyone just like in the previous example. In both of these examples, it was known that the key or keys were being extracted so that they could be sent elsewhere. Sometimes, however, it is necessary to extract a key in a form on which PGP can operate.
PGP can treat keyfiles like key rings because the formats are the same. Usually, this distinction is clear and important. At times, however, the distinction between key rings and keyfiles should be overlooked. When you want to treat a keyfile as a key ring, it must be in binary format. This means that you cannot use the -a option when generating the keyfile/key ring.
If you want to send a subset of a key ring in a single keyfile, for example, you need to extract each key, one-by-one, into a keyfile. PGP treats this keyfile as a key ring and all the keys can be extracted into another keyfile to send. The following example shows a simple Unix shell script that extracts a set of keys into a file named keys.asc, which can be sent via e-mail to someone else. First PGP extracts the requested keys into a keyfile called keyfile.pgp. Next, PGP treats that keyfile as a key ring and extracts the keys into an armored keyfile called keys.asc.
#!/bin/sh
rm -f keyfile.pgp
for user in user1 user2 user3; do
pgp -kx $user keyfile.pgp;
done
pgp -kxa “ keys.asc keyfile.pgp
rm -f keyfile.pgp
You can now e-mail the output file, keys.asc, to the intended recipients so that they can add it to their key rings using pgp -ka.
A signature on a key is an important statement that a user can make about that key. In general, a signature on a key means that the signer has verified, to some degree, that the key actually belongs to the user whose userid is on the key. PGP uses signatures to build up trust in a key. In general, the more signatures on a key, the more likely that it will be trusted. The mere existence of signatures on a key, however, is not enough to force PGP to trust the key as valid.
A key signature is a binding between the key parameters (the RSA modulus and exponent, in the RSA case) with the userid that is being signed. If userids are added or changed, the signature will fail. Users should never sign a key without first verifying it. Methods of verification are discussed in the section, “Key Fingerprints and Verifying Keys.”
When a key has been verified, a user may choose to sign it. Signing a key involves using a secret key to sign the public key parameters and the userid of the public key to be signed. To sign a key, use the -ks option in PGP. For example, Ruth could sign the key of the userid warlord in this manner:
~> pgp -ks warlord
Pretty Good Privacy(tm) 2.6.2 - Public-key encryption for the masses.
(c) 1990-1994 Philip Zimmermann, Phil’s Pretty Good Software. 11 Oct 94
Uses the RSAREF(tm) Toolkit, which is copyright RSA Data Security, Inc.
Distributed by the Massachusetts Institute of Technology.
Export of this software may be restricted by the U.S. government.
Current time: 1995/11/21 18:42 GMT
Looking for key for user ‘warlord’:
Key for user ID: Derek Atkins <warlord@MIT.EDU>
709-bit key, Key ID C1B06AF1, created 1992/09/25
Key fingerprint = A0 9A 7E 2F 97 31 63 83 C8 7B 9C 8E DE 0E 8D F9
READ CAREFULLY: Based on your own direct first-hand knowledge, are
you absolutely certain that you are prepared to solemnly certify that
the above public key actually belongs to the user specified by the
above user ID (y/N)? yes
You need a pass phrase to unlock your RSA secret key.
Key for user ID “Ruth Thomas <tara@mail.Free.NET>”
Enter pass phrase: Pass phrase is good. Just a moment....
Key signature certificate added.
Next, PGP will go through the key ring and validate the trust parameters of the keys. Because Ruth’s own key is ultimately trusted, Ruth’s signature implies that warlord’s key is valid to Ruth. In other words, PGP makes the assertion that a user who signs keys will not fool him- or herself into signing false keys. With this method, a signature by a user’s own key is enough to trust its validity.
When keys become trusted as valid, the keys can then act as introducers. PGP examines the key ring and asks you to place a trust on valid keys. How much do you trust a key to sign other keys? For each valid key, PGP will ask this question. Using these answers, more keys can become trusted as valid, and so on. This is how the web of trust is built.
| Previous | Table of Contents | Next |