Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/glep-0063.rst
blob: c59d545deab36fa4596b868d4581c11cfdf45a22 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202

---
GLEP: 63
Title: Gentoo GPG key policies
Author: Robin H. Johnson <robbat2@gentoo.org>,
        Andreas K. Hüttel <dilfridge@gentoo.org>,
        Marissa Fischer <blogtodiffer@gmail.com>
Type: Standards Track
Status: Final
Version: 1
Created: 2013-02-18
Last-Modified: 2015-08-25
Post-History: 2013-11-10
Content-Type: text/x-rst
---

Credits
=======

Many developers and external sources helped in this GLEP.

Abstract
========

This GLEP provides both a minimum requirement and a recommended set of GPG
key management policies for the Gentoo Linux distribution.

Motivation
==========

Given the increasing use and importance of cryptographic protocols in internet
transactions of any kind, unified requirements for GnuPG keys used in Gentoo
Linux development are sorely needed.  This document provides both a set of
bare minimum requirements and a set of best practice recommendations for
the use of GnuPG by Gentoo Linux developers.  It is intended to provide
a basis for future improvements such as, e.g., consistent ebuild or package
signing and verifying by end users.

Specifications for GnuPG keys
=============================

Bare minimum requirements
-------------------------
1. SHA2-series output digest (SHA1 digests internally permitted),
   256bit or more::

       personal-digest-preferences SHA256

2. Root key and signing subkey of EITHER:

   a. DSA, 2048-bit

   b. RSA, >=2048 bits, RSAv4 or later only

3. Key expiry: 5 years maximum

4. Upload your key to the SKS keyserver rotation before usage!

Recommendations
---------------

1. Copy ``/usr/share/gnupg/gpg-conf.skel`` to ``~/.gnupg/gpg.conf``, append
   the following block::

       keyserver pool.sks-keyservers.net

       emit-version

       default-recipient-self

       # -- All of the below portion from the RiseUp.net OpenPGP best practices, and
       # -- many of them are also in the Debian GPG documentation.

       # when outputting certificates, view user IDs distinctly from keys:
       fixed-list-mode

       # long keyids are more collision-resistant than short keyids (it's trivial to make a key
       # with any desired short keyid)
       # NOTE: this breaks kmail gnupg support!
       keyid-format 0xlong

       # when multiple digests are supported by all recipients, choose the strongest one:
       personal-digest-preferences SHA512 SHA384 SHA256 SHA224

       # preferences chosen for new keys should prioritize stronger algorithms:
       default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 BZIP2 ZLIB ZIP Uncompressed

       # If you use a graphical environment (and even if you don't) you should be using an agent:
       # (similar arguments as  https://www.debian-administration.org/users/dkg/weblog/64)
       use-agent

       # You should always know at a glance which User IDs gpg thinks are legitimately bound to
       # the keys in your keyring:
       verify-options show-uid-validity
       list-options show-uid-validity

       # include an unambiguous indicator of which key made a signature:
       # (see http://thread.gmane.org/gmane.mail.notmuch.general/3721/focus=7234)
       # (and http://www.ietf.org/mail-archive/web/openpgp/current/msg00405.html)
       sig-notation issuer-fpr@notations.openpgp.fifthhorseman.net=%g

       # when making an OpenPGP certification, use a stronger digest than the default SHA1:
       cert-digest-algo SHA256

2. Root key type RSA, 4096 bits, RSAv4 or later

   This may require creating an entirely new key.

3. Dedicated signing subkey of EITHER:

   a. DSA 2048 bits exactly.

   b. RSA 4096 bits exactly.

4. Key expiry:

   a. Root key: 3 years maximum, expiry date renewed annually.

   b. Gentoo subkey: 1 year maximum, expiry date renewed every 6 months.

5. Create a revocation certificate & store it hardcopy offsite securely
   (it's about ~300 bytes).

6. Encrypted backup of your secret keys.

Gentoo LDAP
===========

All Gentoo developers must list the complete GPG fingerprint for their root
keys in the "``gpgfingerprint``" LDAP field. It must be exactly 40 hex digits,
uppercase, with optional spaces every 8 hex digits. Regular expression for
validation::

    ^([[:space:]]*[[:xdigit:]]{8}){5}$

The prior "``gpgkey``" field will be removed, as it is a subset
of the fingerprint field. In any place that presently displays
the "``gpgkey``" field, the last 16 hex digits of the fingerprint should
be displayed instead.

Backwards Compatibility
=======================

There is no consistent standard for GPG usage in Gentoo to date. There is
conflicting information in the Devmanual [#DEVMANUAL-MANIFEST]_ and the GnuPG
Gentoo user guide [#GNUPG-USER]_. As there is little enforcement of Manifest
signing and very little commit signing to date, there are no backwards
compatibility concerns.

External documentation
======================

Much of the above was driven by the following:

* NIST SP 800-57 recommendations [#NISTSP800571]_, [#NISTSP800572]_

* Debian GPG documentation [#DEBIANGPG]_

* RiseUp.net OpenPGP best practices [#RISEUP]_

* ENISA Algorithms, Key Sizes and Parameters Report 2013 [#ENISA2013]_

References
==========

.. [#DEBIANGPG] Debian GPG documentation
   (https://wiki.debian.org/Keysigning)

.. [#EKAIA] Ana's blog: Creating a new GPG key
   (http://ekaia.org/blog/2009/05/10/creating-new-gpgkey/)

.. [#RISEUP] RiseUp.net OpenPGP best practices
   (https://help.riseup.net/en/security/message-security/openpgp/best-practices)

.. [#DEVMANUAL-MANIFEST] Gentoo Development Guide: Manifest
   (http://devmanual.gentoo.org/general-concepts/manifest/index.html)

.. [#GNUPG-USER] GnuPG Gentoo User Guide
   (http://www.gentoo.org/doc/en/gnupg-user.xml)

.. [#NISTSP800571] NIST SP 800-57: Recommendation for Key Management:
   Part 1: General (Revision 3)
   (http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57_part1_rev3_general.pdf)

.. [#NISTSP800572] NIST SP 800-57: Recommendation for Key Management:
   Part 2: Best Practices for Key Management Organization
   (http://csrc.nist.gov/publications/nistpubs/800-57/SP800-57-Part2.pdf)

.. [#ISSUER-ANNOTATE] Including the entire fingerprint of the issuer
  in an OpenPGP certification
  (http://thread.gmane.org/gmane.mail.notmuch.general/3721/focus=7234)

.. [#ENISA2013] ENISA Algorithms, Key Sizes and Parameters Report,
   2013 recommendations, version 1.0 (October 2013)
   (https://www.enisa.europa.eu/activities/identity-and-trust/library/deliverables/algorithms-key-sizes-and-parameters-report)

Copyright
=========
Copyright (c) 2013 by Robin Hugh Johnson, Andreas K. Hüttel, Marissa Fischer.

This work is licensed under the Creative Commons Attribution-ShareAlike 3.0
Unported License.  To view a copy of this license, visit
http://creativecommons.org/licenses/by-sa/3.0/.