Discussion:
PGP Clean Room GSoC Mentoring
(too old to reply)
Jacob Adams
2018-03-04 00:13:40 UTC
Permalink
Raw Message
Hello all,

(I wasn't sure if this was more appropriate for tails-dev or
tails-project. I decided on dev but feel free to redirect it if I chose
incorrectly)

I'm a prospective student for Debian's Google Summer of Code 2018 and
I am interested in working on a project that may be of interest to
those on this mailing list and that requires at least one more
co-mentor to move forward.

The biggest hurdle I faced when setting up my GPG key was creating and
storing it offline. I am looking to create a proper interface for a PGP
Clean Room Live CD that walks a user through setting up a set of USB
flash drives or sd cards as a raid disk, generating new GPG keys,
storing them there, and then exporting subkeys either on a separate USB
stick or a security key like a Yubikey. I'd also like to add the ability
to do things like revoke keys or extend expiration dates for them
through the application. You can see more of the ideas behind the
project here:
https://wiki.debian.org/SummerOfCode2018/Projects/CleanRoomForPGPKeyManagement

Such an application could also run on TAILS, although for safety reasons
probably only when networking is disabled.

Daniel Pocock has already agreed to be the primary mentor for this
project, but he will most likely be involved in at least one other
GSoC project and the admin team. I've sent out a few emails in Debian
but have received no reply as yet so I'm reaching out to the wider open
source community.
You can find the Mentor Guide here:
https://google.github.io/gsocguides/mentor/

Someone with experience in python, especially python's GPGME bindings,
would be much appreciated, although definitely not required.

Thanks,
Jacob
Andrew Gallagher
2018-03-04 11:29:46 UTC
Permalink
Raw Message
Post by Jacob Adams
The biggest hurdle I faced when setting up my GPG key was creating and
storing it offline. I am looking to create a proper interface for a PGP
Clean Room Live CD that walks a user through setting up a set of USB
flash drives or sd cards as a raid disk, generating new GPG keys,
storing them there, and then exporting subkeys either on a separate USB
stick or a security key like a Yubikey. I'd also like to add the ability
to do things like revoke keys or extend expiration dates for them
through the application. You can see more of the ideas behind the
https://wiki.debian.org/SummerOfCode2018/Projects/CleanRoomForPGPKeyManagement
Such an application could also run on TAILS, although for safety reasons
probably only when networking is disabled.
Hi, Jacob.

I have a rudimentary tails-based solution at https://github.com/andrewgdotcom/frith that you may be interested in. I haven’t had much time to work on it recently, so it’s not very polished. But it does most of what you are asking for. Feel free to contact me off list.

Andrew.

Loading...