Tails

#2 Updated by sajolida 2016-02-03 14:00:00

Here is some preparation for the meeting tonight:

The installation assistant forces people to do a verification
equivalent to HTTPS (Browser extension or BitTorrent). With this in
mind, the OpenPGP verification only makes sense for people:

• Using the web-of-trust. As we’re documenting in /install/debian/usb.
• Relying on TOFU. Note that with automatic upgrades and in the future
  with full self upgrades (Feature #7499), a typical user won’t download and
  verify ISO images very often, or at least rely on this “first use”
  for quite a while. TOFU only improves the security of the subsequent
  uses.
• Correlate downloads (/doc/get/trusting_tails_signing_key#index1h1).
  Which is not a proper cryptographic technique and is quite
  impractical for a first-time user.

So really, the OpenPGP verification mostly makes sense if using the
web-of-trust.

The current instructions focus on step-by-step instructions on how to
download the key and verify the ISO image against it; which doesn’t
provide strong authenticity (see /download.html#index3h1). They are
fairly complicated (see the user support load on the “Not enough
information to check the signature validity.” message) but were very
relevant before we could provide HTTPS-equivalent verification for
everybody. In them, trusting the Tails signing key was proposed as an
additional check to provide authenticity.

I think we should acknowledge that proper OpenPGP verification with
the web-of-trust is not accessible to first-time users who landed on
our website and want to give Tails a try. But are for people who
already know the basics of OpenPGP for encrypting their emails, for
example.

So as a general direction, I think we should focus on:

• Documenting better the strategy behind the web-of-trust which is the
  game changer here.
• Pushing bits of OpenPGP verification to Tails Installer.

And not so much on providing step-by-step instructions for OpenPGP
basics. Not that it’s a bad thing as such but more as a question of
priority. Also note as a general policy, documenting how to use
Gpg4Win, GPGTools, etc. could be considered out-of-scope in our
documentation.

Regarding what to do now, I propose we:

• Rescue /download.html#index3h1 and make it clear in the intro that
  this is meant for people who already know the basic of OpenPGP and
  insist more on the web-of-trust verification.
• I’m not sure it’s relevant to keep /doc/get/verify_*, further
  improve these pages (see Feature #7147), etc. Maybe helping upstream on the
  long-term would be better but we’ve not been very good at this in
  the past.
• I’m not sure what to do with the download correlation technique
  right now, but I don’t mind leaving it around for some time.

#6 Updated by sajolida 2016-02-12 16:15:57

Issue raised on https://mailman.boum.org/pipermail/tails-dev/2016-February/010272.html.

#10 Updated by sajolida 2016-03-12 14:45:16

People trying the download correlation get confused whenever our we update our key file on the website. So I think we should drop that technique now that we have the assistant.

#11 Updated by intrigeri 2016-03-12 16:21:03

> People trying the download correlation get confused whenever our we update our key file on the website.

Indeed, re-reading that piece of doc, pieces of it are totally buggy, in the sense they rely implicitly on the fact that key file doesn’t ever change.

> So I think we should drop that technique […].

I agree we should drop that technique: the vast majority of people who will do it right don’t need us to document it.