Web of Trust key signing issue
Regarding the Kicksecure/Whonix project’s signing key (Patrick Schleizer’s OpenPGP key), on the wiki page Download the Kicksecure Signing Key - OpenPGP Web of Trust it states that:
Jan Dittberner [6] (Debian Developer) [7] signed Patrick’s key. So did intrigeri (Tails developer, Debian Developer); Peter Palfrader (Debian Developer); Richard King; and Michael Carbone (accessnow.org).
But when I checked if that was true, I could only find that Jan Dittberner had signed Patrick’s key.
I downloaded Patrick’s key using a browser from https://www.kicksecure.com/keys/derivative.asc; it has 104 signatures.
The key fingerprint is: 916B 8D99 C38E AF5E 8ADC 7A2A 8D66 066A 2EEA CCDA
I downloaded Jan Dittberner’s key, intrigeri’s key, and Peter Palfrader’s key using a browser by looking them up on the Debian keyring website.
The key fingerprints are:
- Jan Dittberner:
B2FF 1D95 CE8F 7A22 DF4C F09B A73E 0055 558F B8DD
- intrigeri:
7C84 A74C FB12 BC43 9E81 BA78 C929 49B8 A63B B098
- Peter Palfrader:
E3ED 482E 44A5 3F5B BE58 5032 D50F 9EBC 09E6 9937
I don’t know who Richard King is and the name is too common for a web search, so I did not download his key.
I downloaded Michael Carbone’s key from keys.openpgp.org, based on the link to the key posted on his profile on both the Qubes OS - Team webpage and on his GitHub profile.
The key fingerprint is: D3D8 BEBF ECE8 91AC 46A7 30DE 63FC 4D26 84A7 33B4
After importing all these keys, I ran the following command on Patrick’s derivative.asc key, and there are now only 103 (instead of 104) signatures not checked due to missing keys:
gpg --keyid-format long --import --import-options show-only --with-fingerprint derivative.asc
gpg: key 8D66066A2EEACCDA: 103 signatures not checked due to missing keys
pub rsa4096/8D66066A2EEACCDA 2014-01-16 [SC] [expires: 2026-01-23]
Key fingerprint = 916B 8D99 C38E AF5E 8ADC 7A2A 8D66 066A 2EEA CCDA
uid Patrick Schleizer <adrelanos@kicksecure.com>
uid Patrick Schleizer <adrelanos@riseup.net>
uid Patrick Schleizer <adrelanos@whonix.org>
sub rsa4096/3B1E6942CE998547 2014-01-16 [E] [expires: 2026-01-23]
sub rsa4096/10FDAC53119B3FD6 2014-01-16 [A] [expires: 2026-01-23]
sub rsa4096/CB8D50BB77BB3C48 2014-01-16 [S] [expires: 2026-01-23]
Using gpg --check-signatures only lists Jan Dittberner’s signature:
gpg --check-signatures 916B8D99C38EAF5E8ADC7A2A8D66066A2EEACCDA
pub rsa4096 2014-01-16 [SC] [expires: 2026-01-23]
916B8D99C38EAF5E8ADC7A2A8D66066A2EEACCDA
uid [ unknown] Patrick Schleizer <adrelanos@kicksecure.com>
sig!3 8D66066A2EEACCDA 2020-10-23 Patrick Schleizer <adrelanos@kicksecure.com>
uid [ unknown] Patrick Schleizer <adrelanos@riseup.net>
sig!3 8D66066A2EEACCDA 2020-01-25 Patrick Schleizer <adrelanos@kicksecure.com>
sig!3 8D66066A2EEACCDA 2016-04-18 Patrick Schleizer <adrelanos@kicksecure.com>
sig!3 8D66066A2EEACCDA 2014-10-06 Patrick Schleizer <adrelanos@kicksecure.com>
sig!3 8D66066A2EEACCDA 2014-01-16 Patrick Schleizer <adrelanos@kicksecure.com>
sig! A73E0055558FB8DD 2014-10-04 Jan Dittberner <jan@dittberner.info>
uid [ unknown] Patrick Schleizer <adrelanos@whonix.org>
sig!3 8D66066A2EEACCDA 2020-10-23 Patrick Schleizer <adrelanos@kicksecure.com>
sub rsa4096 2014-01-16 [E] [expires: 2026-01-23]
sig! 8D66066A2EEACCDA 2020-01-25 Patrick Schleizer <adrelanos@kicksecure.com>
sub rsa4096 2014-01-16 [A] [expires: 2026-01-23]
sig! 8D66066A2EEACCDA 2020-01-25 Patrick Schleizer <adrelanos@kicksecure.com>
sub rsa4096 2014-01-16 [S] [expires: 2026-01-23]
sig! 8D66066A2EEACCDA 2020-01-25 Patrick Schleizer <adrelanos@kicksecure.com>
gpg: 10 good signatures
gpg: 103 signatures not checked due to missing keys
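To answer the "who actually certified this key?" question mechanically rather than by reading the listing, here is an added helper (not from the post or the Kicksecure project) that parses the machine-readable form of the same command, gpg --with-colons --check-signatures, and compares the certifiers it finds against the claimed list; the colon-format sample is constructed from the key IDs quoted in this post, not captured gpg output.

```python
"""Added helper: parse `gpg --with-colons --check-signatures <fpr>` output to see
which claimed certifiers signed a key.  SAMPLE is constructed, not captured."""

# Long key IDs named in the post; Richard King's key is unknown and omitted.
CLAIMED = {
    "A73E0055558FB8DD": "Jan Dittberner",
    "C92949B8A63BB098": "intrigeri",
    "D50F9EBC09E69937": "Peter Palfrader",
    "63FC4D2684A733B4": "Michael Carbone",
}
SELF_ID = "8D66066A2EEACCDA"  # the key being checked (Patrick's)

SAMPLE = """\
pub:-:4096:1:8D66066A2EEACCDA:1389830400:1769126400::-:::scESCA::::::23::0:
uid:-::::1603411200::UIDHASH::Patrick Schleizer <adrelanos@kicksecure.com>::::::::::0:
sig:!::1:8D66066A2EEACCDA:1603411200::::Patrick Schleizer <adrelanos@kicksecure.com>:13x::::::::
sig:!::1:A73E0055558FB8DD:1412380800::::Jan Dittberner <jan@dittberner.info>:10x::::::::
sig:?::1:0000000000000001:1412380800::::[User ID not found]:10x::::::::
sub:-:4096:1:3B1E6942CE998547:1389830400:1769126400:::::e::::::23:
sig:!::1:8D66066A2EEACCDA:1579910400::::Patrick Schleizer <adrelanos@kicksecure.com>:18x::::::::
"""

def certifications(colon_output, self_id):
    """Yield (key_id, validity) for each third-party signature on a user ID;
    validity is gpg's flag: '!' good, '-' bad, '?' no public key, '%' error.
    Self-signatures and subkey bindings (sig records after sub) are skipped."""
    in_uid = False
    for line in colon_output.splitlines():
        f = line.split(":")
        if f[0] == "uid":
            in_uid = True
        elif f[0] in ("pub", "sub"):
            in_uid = False
        elif f[0] == "sig" and in_uid and f[4] != self_id:
            yield f[4], f[1]

def check_claims(colon_output, claimed, self_id=SELF_ID):
    """Map each claimed certifier to good / bad / no key / error / absent.
    A good signature on any user ID outranks a bad or unverifiable one."""
    rank = {"!": 0, "-": 1, "%": 2, "?": 3}
    best = {}
    for key_id, validity in certifications(colon_output, self_id):
        if key_id not in best or rank.get(validity, 4) < rank.get(best[key_id], 4):
            best[key_id] = validity
    label = {"!": "good", "-": "bad", "?": "no key", "%": "error"}
    return {name: label.get(best.get(kid), "absent") for kid, name in claimed.items()}

def unchecked_count(colon_output, self_id=SELF_ID):
    """How many signatures gpg could not check for lack of the signer's key."""
    return sum(1 for _, v in certifications(colon_output, self_id) if v == "?")
```

Feed it real output with `check_claims(subprocess.check_output(["gpg", "--with-colons", "--check-signatures", FPR], text=True), CLAIMED)`; a certifier reported as "no key" means their key is simply not imported, while "absent" means no signature from that key ID exists on the key at all.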
Key transition signed message issue
The second issue is that on the wiki page Patrick Schleizer - Key Transition it posts what are claimed to be two signed messages from Patrick (each message claimed to be signed with both his new and old key) that state:
Hash: SHA512
My old key was:
pub 4096R/0x9C131AD3713AAEEF 2012-03-02
Key fingerprint = 9B15 7153 925C 303A 4225 3AFB 9C13 1AD3 713A AEEF
uid [ultimate] adrelanos <adrelanos@whonix.org>
sub 4096R/0xFEFB3583794279C4 2012-03-02
My new key is:
pub 4096R/0x8D66066A2EEACCDA 2014-01-16 [expires: 2015-01-16]
Key fingerprint = 916B 8D99 C38E AF5E 8ADC 7A2A 8D66 066A 2EEA CCDA
uid [ unknown] Patrick Schleizer <adrelanos@whonix.org>
sub 4096R/0x3B1E6942CE998547 2014-01-16 [expires: 2015-01-16]
sub 4096R/0x10FDAC53119B3FD6 2014-01-16 [expires: 2015-01-16]
sub 4096R/0xCB8D50BB77BB3C48 2014-01-16 [expires: 2015-01-16]
You may fetch this key with GnuPG with the long form:
gpg --recv-key 916B8D99C38EAF5E8ADC7A2A8D66066A2EEACCDA
My old key will continue to be valid, but I would prefer all future
communication to be done using my new key.
This document has been signed using both the old and the new keys so
that you can certify the transition. In addition, the new key has been
signed with the old one to confirm its validity.
If you'd like any further verification or have any questions about
this transition please contact me directly.
But when I wanted to verify the messages with gpg --verify, it shows that the signature is bad. I copied the message texts into two text documents and saved them to my computer as message_newkey.txt and message_oldkey.txt. Then I used gpg --verify as follows:
Message claimed to be signed by Patrick’s new key:
gpg --verify message_newkey.txt
gpg: Signature made Fri Jan 17 18:32:04 2014 IST
gpg: using RSA key 8D66066A2EEACCDA
gpg: BAD signature from "Patrick Schleizer <adrelanos@kicksecure.com>" [unknown]
I then imported Patrick’s old key from the Old Key section of the Patrick Schleizer wiki page as well as from keys.openpgp.org.
Old key fingerprint: 9B15 7153 925C 303A 4225 3AFB 9C13 1AD3 713A AEEF
I then used gpg --verify again, and it shows the signature is bad:
Message claimed to be signed by Patrick’s old key:
gpg --verify message_oldkey.txt
gpg: Signature made Fri Jan 17 18:51:55 2014 IST
gpg: using RSA key 9C131AD3713AAEEF
gpg: BAD signature from "adrelanos <adrelanos@riseup.net>" [unknown]