[ntp:security] Updates

Brad Knowles brad at shub-internet.org
Wed Aug 12 21:59:05 UTC 2015


Okay, we now have six addresses subscribed to this list.  They are:

	danny.mayer at pega.com
	knowles at ntp.org
	mayer at ntp.org
	perlinger at ntp.org
	sgraves at nwtime.org
	stenn at ntp.org

I will be shortly sending out some GPG/PGP crypto keys.  We have a 2015 Master Key Signing Key, and a 2015 Daily Use Operational Key, plus their respective revocation certificates.

For the 2015 Master Key Signing Key, please keep the secret part and the key revocation certificate offline, in a secure location, and preferably on physically separate media.  It doesn’t have to be a bank vault, but some sort of safe would be good.  This key will only be used to sign other keys, so it’s the master key to all the other keys we might have.  We want to keep this one ultra-safe and secure.

For the 2015 Daily Use Operational Key, please keep the key revocation certificate offline, in a secure location.  You can keep the secret part to the key online on a machine you use frequently (such as a laptop or desktop), but please make sure that machine is secure, and that the passphrase you use is strong.  It is possible to change the passphrase once you have a copy of a secret key, but if you’re going to change the passphrase to something else other than the default that I create, please make sure that it is at least equally strong.  This is the key we should be using on a daily basis for sending or receiving messages for security at ntp.org, so you will want to get sufficiently comfortable with that process.

Please don’t put any of the sensitive parts of these keys on shared machines, especially on machines that you do not have physical control over.

When I generated the respective revocation certificates, GPG gave me a warning.  I want to share that warning with you now:

	Please move it to a medium which you can hide away; if Mallory gets
	access to this certificate he can use it to make your key unusable.
	It is smart to print this certificate and store it away, just in case
	your media become unreadable.  But have some caution:  The print system of
	your machine might store the data and make it available to others!

We will work out whether we want to put both public keys on the key servers, or if we only want to put the public part of the 2015 Daily Use Operational key on the keyservers.  We will probably want to publish both public keys somewhere else that we control, but we have not yet worked out the details for that.

Here are the fingerprints for the two keys that I will be sending out shortly:

	$ gpg --fingerprint C606A26F 0066B2FD
	pub   4096R/C606A26F 2015-08-12 [expires: 2017-08-11]
	      Key fingerprint = ADB3 4295 6986 0792 8B5F  1975 A6E2 E982 C606 A26F
	uid       [ultimate] NTP.org Security Team (2015 Master Key Signing Key) <security at ntp.org>
	sub   4096R/EB108E1C 2015-08-12 [expires: 2017-08-11]

	pub   3072R/0066B2FD 2015-08-12 [expires: 2017-08-11]
	      Key fingerprint = 0E21 6278 E81F 12C9 DD2A  AEF5 AE63 639D 0066 B2FD
	uid       [ultimate] NTP.org Security Team (2015 Daily Use Operational Key) <security at ntp.org>
	sub   3072R/C17304B1 2015-08-12 [expires: 2017-08-11]

When you get the encrypted messages, please arrange to talk to me via voice for the passphrase.  My cell is 512-964-2949, and my home number is 512-346-9073, but I suspect we’ll want to use a more secure voice channel to have the actual conversation.

Brad Knowles <brad at shub-internet.org>
LinkedIn Profile: <http://tinyurl.com/y8kpxu>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.ntp.org/private/security/attachments/20150812/661b54a7/attachment.sig>

More information about the security mailing list