
Debian OpenPGP audit log [was: Re: Tor exit nodes]



On Tue 2017-10-10 15:22:06 +0200, Enrico Zini wrote:
> To me it would be already a big step forward to make Debian workflows
> auditable, so anyone can have a look at what other people are doing.
>
> Contributions are generally all in the open, but it's pretty hard to
> collate them all into a single audit log that one can look at.
>
> I would find such a thing useful also to audit myself, to see if things
> are being done in my name that I am not aware of.

I would also like this, for my own keys, and for the keys that i really
depend on (like the archive signing key, for example).

A likely approach would be similar to the "certificate transparency"
model, where a signature from a public key isn't accepted unless/until
it has been logged publicly someplace.  This creates an incentive to
log, and the log itself provides the transparency needed to make it
*possible* to audit.

If anyone is interested in working on this, i'd be happy to talk more
about it further -- there are several designs in the "binary
transparency" space that take this approach, and it would be great if
debian could lead the way.

sadly, i lack the time to implement this myself right now.

> (all my reply can be quoted on a public list)

same with mine.

     --dkg

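A minimal illustration of the log-gated acceptance dkg sketches above, added here as an example that is not part of this thread or of any Debian tooling: an append-only Merkle log in the RFC 6962 (Certificate Transparency) shape, where a signature record is only accepted once an inclusion proof against a trusted log root verifies. The OpenPGP signature check itself is assumed to happen elsewhere, and the `key-id:signature` record format is a constructed placeholder.

```python
import hashlib

def _sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def leaf_hash(entry: bytes) -> bytes:
    # 0x00 prefix gives leaf/node domain separation, as in RFC 6962
    return _sha256(b"\x00" + entry)

def node_hash(left: bytes, right: bytes) -> bytes:
    return _sha256(b"\x01" + left + right)

def _split(n: int) -> int:
    # largest power of two strictly less than n (RFC 6962 tree shape)
    k = 1
    while k * 2 < n:
        k *= 2
    return k

class TransparencyLog:
    """Append-only Merkle log; each entry is a constructed signature record."""
    def __init__(self):
        self.entries = []

    def append(self, entry: bytes) -> int:
        self.entries.append(entry)
        return len(self.entries) - 1

    def root(self, entries=None) -> bytes:
        entries = self.entries if entries is None else entries
        if len(entries) == 0:
            return _sha256(b"")
        if len(entries) == 1:
            return leaf_hash(entries[0])
        k = _split(len(entries))
        return node_hash(self.root(entries[:k]), self.root(entries[k:]))

    def inclusion_proof(self, index: int, entries=None):
        # Returns a list of (side, sibling_hash) pairs from leaf towards root.
        entries = self.entries if entries is None else entries
        if len(entries) == 1:
            return []
        k = _split(len(entries))
        if index < k:
            return self.inclusion_proof(index, entries[:k]) + [("R", self.root(entries[k:]))]
        return self.inclusion_proof(index - k, entries[k:]) + [("L", self.root(entries[:k]))]

def verify_inclusion(entry: bytes, proof, root: bytes) -> bool:
    h = leaf_hash(entry)
    for side, sibling in proof:
        h = node_hash(h, sibling) if side == "R" else node_hash(sibling, h)
    return h == root

def accept_signature(record: bytes, proof, trusted_root: bytes) -> bool:
    # The CT-style gate: a record the verifier cannot prove was logged is refused,
    # even if the OpenPGP signature inside it (checked separately) is valid.
    return verify_inclusion(record, proof, trusted_root)
```

A verifier that pins the log root (or checks a signed tree head from the log) can then audit every use of a key, including its own, by reading the log rather than collating scattered uploads.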