23

I have a service through SSL which gives the user a code for a specific reason. I want to sign the code with the web server's private key (gpg --clearsign) and send the signed code along so that they can verify its origin after they leave my site.

Unfortunately I get the error:

gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.

I roughly understand what it means, although I am unsure of a method to give my server's public key while maintaining trust.

Do I have to "sign" the public key that is exported (and then supplied to the user) with the user to whom it was exported?

What are some simple methods to provide this trust?

I've read about keyservers and frankly that is not really an option for me, I am unsure of how I can get this to work.

techraf
  • 9,141
  • 11
  • 44
  • 62
Ken Bachmann
  • 233
  • 1
  • 2
  • 4

1 Answers1

19

Basically the problem is a matter of trust.

When you sign a file, someone needs to retrieve your public key to check the signature, but how can they be sure that this is really your signature?

GPG provide a way to do that called the Web of trust. For example, let's say you are Bob and want to discuss with Alice. You already know Ted, which is a friend of yours and you already exchanged key to discuss using GPG. You know that Ted knows Alice too. So you can ask him to give you Alice's public key and sign it. Thus when you read this key, you can check Ted's signature to be sure the key is valid.

Of course, you must have faith that Ted will behave correctly and not sign anything blindly.

So in your case, you cannot avoid this warning. The user has to be able to retrieve the key in a way he finds secure, so that he can mark this key as trusted. Unless you know other people who knows your client and can sign your key for the new client. Bu definitely, self signed key are useless (I can make false and sign with it).

M'vy
  • 13,033
  • 3
  • 47
  • 69
  • I can supply the key through https (separate from each download, a link to) and then the public key cannot be falsified or tampered with to what SSL/TLS and its certificate authentication will allow/ensure. I will just write a note stating that it will warn, as I am sure they'll understand that it on the server is secure enough. – Ken Bachmann Sep 05 '11 at 08:36
  • 1
    @KenBachmann: Are you sure you can trust ultimately SSL? Have a look at this (maybe old but still actual) [video](http://www.youtube.com/watch?v=ibF36Yyeehw). I would say get public key by any means, but then verify it's fingerprint the way you trust (SMS, sending a fax, sending paper mail, ...). – dma_k Nov 21 '14 at 23:23
  • 1
    Some people who don't trust the man in the middle write their public key fingerprint in business card so that when you give your business card for the first time, they can go and retrieve the key from public store then compare the fingerprints. – vimdude Oct 08 '16 at 15:52