Zimmermann: More Pie Please
Phil Zimmermann, inventor of PGP and chairman of the OpenPGP Alliance, doesn't play the banjo, as mainstream media has reported. He showed up at the Annual Linux Showcase keysigning Birds of a Feather (BoF) to set the record straight about the banjo thing and, more importantly, to talk about keysigning, among other things.
Zimmermann says that the current practice of keysignings, with government-issued identification, recitation of fingerprints and other rituals, is missing the point of helping users get the practical benefits of encrypting their mail. "What did I start? I feel like I've created a monster", he told a crowd of GPG users.
Zimmermann explained alternatives to the keysigning monster in an interview. "A decade ago it made sense to go for maximum security regarding how to trust whether a key is really the right key", he said. "But things can get paralyzed by excessive analness."
"If you're in a situation where your threat model is powerful adversaries who are going to put forth a focused attack, you have to use formal methods. If you impose those same standards on everyone's uses, [however], you end up where we are today, where only a thin slice of the e-mail pie gets encrypted."
Making OpenPGP popular depends on setting novice users free from the burden of understanding certification and trust models, he said.
Zimmermann suggested that one way to get public keys to the senders who need them, without making everyone participate in keysignings, would be to do something like what PayPal does for money transfers. A user would upload a key, and a keyserver would then send mail to the appropriate e-mail address, asking "If this is your key, click here." When the user followed the link, the keyserver would then sign the key to show that it matched the address.
This wouldn't protect everyone from sophisticated attacks, such as a secret police takeover of your ISP, but it would be one way to help spread encrypted mail to more users. (PayPal thinks it's good enough to handle money, after all.) Future mail programs could easily query the keyserver to find a key that corresponded to the destination addresses of outgoing mail.
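The upload, mail-back and sign flow described above, together with the lookup a mail program would perform, as an added example that is not code from the article or from any real keyserver. The class and method names, the one-hour link lifetime and the HMAC standing in for an OpenPGP certification are assumptions, and the fingerprint is a constructed sample.

```python
import hashlib, hmac, secrets, time
class VerifyingKeyserver:
    """In-memory model of an e-mail-verifying keyserver (hypothetical names)."""
    TOKEN_TTL = 3600  # assumed policy: confirmation link valid for one hour
    def __init__(self, clock=time.time):
        self._server_key = secrets.token_bytes(32)  # stand-in for the server's signing key
        self._pending = {}   # sha256(token) -> (email, fingerprint, expiry)
        self._verified = {}  # email -> (fingerprint, certification)
        self._clock = clock
        self.outbox = []     # (recipient, body) pairs; no real SMTP is used

    def _certify(self, email, fingerprint):
        # HMAC stands in for an OpenPGP certification binding address to key.
        msg = f"{email}\n{fingerprint}".encode()
        return hmac.new(self._server_key, msg, hashlib.sha256).hexdigest()

    def upload(self, email, fingerprint):
        """Record the claim and mail a one-time link to the claimed address."""
        email = email.strip().lower()
        token = secrets.token_urlsafe(32)
        digest = hashlib.sha256(token.encode()).hexdigest()  # store only the hash
        self._pending[digest] = (email, fingerprint, self._clock() + self.TOKEN_TTL)
        self.outbox.append((email, f"If this is your key, click here: /confirm/{token}"))

    def confirm(self, token):
        """Sign the binding only for a known, unexpired, unused token."""
        digest = hashlib.sha256(token.encode()).hexdigest()
        claim = self._pending.pop(digest, None)  # pop makes the link single-use
        if claim is None or self._clock() > claim[2]:
            return False
        email, fingerprint, _ = claim
        self._verified[email] = (fingerprint, self._certify(email, fingerprint))
        return True

    def lookup(self, email):
        """What a mail client would query: unconfirmed uploads are never returned."""
        email = email.strip().lower()
        fingerprint, cert = self._verified.get(email, (None, ""))
        if fingerprint and hmac.compare_digest(cert, self._certify(email, fingerprint)):
            return fingerprint
        return None

def demo():
    ks = VerifyingKeyserver()
    fp = "0123456789ABCDEF0123456789ABCDEF01234567"  # constructed sample fingerprint
    ks.upload("Alice@Example.org", fp)
    before = ks.lookup("alice@example.org")          # None: not yet confirmed
    token = ks.outbox[-1][1].rsplit("/", 1)[1]       # the user follows the mailed link
    return before, ks.confirm(token), ks.confirm(token), ks.lookup("alice@example.org")
```

The certification only attests that whoever controlled the mailbox at confirmation time accepted the key, which is the limit the article itself notes for this scheme.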
Of course, anyone who wants to get anal will still be able to do so. An easy step you can take right now is to put your key fingerprint in an e-mail header. It won't sign the mail, but it will get archived when you post to a list, and give people some basis for trusting that key in the future.
Also on Zimmermann's mind is the overall quality of the free software that makes up Linux distributions. OpenBSD conducts ongoing security audits of a very conservative codebase, and Linux should have someone doing the same, he said. "Right now, there shouldn't be buffer overflow attacks", he added.
Finally, Zimmermann is happy to see GnuPG doing well. GPG is more than just the original PGP code; it's an institution, he said at the BoF. "I'm glad to see that there is a free software implementation of PGP", he said.
OpenPGP.org also needs a volunteer webmaster. Come on people, don't make Drew Streib do everything.
There were barely enough attendees at the Annual Linux Showcase to kill the keg of Anchor Steam in the hotel bar. Despite the depletion of beer, the technical talks were good.
XCB, a thin but incompatible C library replacement for Xlib, could help squeeze X onto more embedded systems. Jamey Sharp from the Computer Science Department at Portland State University explained the ideas behind XCB, which is intended to work well with threaded applications and implement just the functionality that modern toolkits need, the way they need it.
"You're building it the way I should have built it", said Xlib developer Jim Gettys from the audience. There are features in Xlib that no X application has ever used, he said. But Gettys is working on reducing the size of Xlib itself, so soon you'll be able to choose XCB for minimum size or Xlib for compatibility. It's a wonderful time to be a Linux palm-top developer.
Donald Becker threw down a challenge to the "outdated design concept" of big SMP and ccNUMA systems at his talk, "Home Beowulf Systems". "People used to think that you couldn't do certain kinds of problems on clusters", he said. Now, even a high-end proprietary database, IBM DB2, runs on a cluster. Why not use generic parts and save money the way rocket scientists and render farmers do?
The main part of Becker's talk covered setting up the Scyld Beowulf "label side up" distribution on a home network. Slave nodes can boot from the master over Ethernet or from floppy, then become part of a single system image. Type ps and you get all processes on all nodes. The boot process uses Two Kernel Monte, so you can upgrade the kernel that nodes actually run, without changing all the floppies.
If you've heard a parent explain to a child the need to eat vegetables before dessert, you'll understand the tone of Linus Torvalds when asked about the preemptible kernel patch. Get rid of unnecessarily time-consuming stuff in the kernel, then we can talk preemption.
David Beckemeyer of EarthLink brought the EarthLink SPARK Development Kit to an embedded systems session, and got mobbed with questions and hardware-inquisitive people who want to put Linux boxes in their cars. The best part is that a developer contest in which you can win one is still in progress. (Sign up for the e-mail newsletter on embedded.linuxjournal.com for advance notifications of this and other embedded Linux development contests.)
A Debian BoF produced a lot of suggestions for tools that might be nice to have for manipulating and understanding apt packages. Many of the suggested tools already exist. For example, apt-spy lets you build an /etc/apt/sources.list based on what mirror is quickest for you. Do an apt-cache search apt for some more ideas.
The Atlanta-based organizers showed their experience well, rolling out a very smooth show network including two wireless ESSIDs, along with wired Ethernet and an e-mail garden. A lack of day-to-day volunteers, of which there were plenty in Atlanta, meant random homeless people wandering onto the show floor and no rest for any of the conference organizers, though.
A highlight of the trade show was a pair of nifty inkjet printers from HP, with drivers that do a good job of printing photos from Linux. One model can print, scan, fax, photocopy and even print from Compact Flash or SmartMedia inserted directly into the printer. The printers themselves don't run embedded Linux, though.
Next year in Washington, DC? I don't know...North Carolina hasn't had a Linux conference in a while.
Don Marti is Technical Editor of Linux Journal.
email: dmarti@ssc.com
Comments
Re: Zimmermann: More Pie Please
Nice report-- almost feel like I wasn't there. Guess we didn't attend many of the same sessions. It was good to hear about the others.
Ts'o and Tweedie on the kernel: worth it! And everything on XFree86 and KDE, also excellent.
Kudos to USENIX and the volunteers, regular boy (and girl) scouts: cheerful, thrifty and kind.
Re: Zimmermann: More Pie Please
Drew Streib's new raw keyanalyze rankings for November are up.
Re: Zimmermann: More Pie Please
mmmm, pie.
Re: Zimmermann: More Pie Please
Looks like Brad Templeton wants more regular users to encrypt mail too. But will the proprietary mailers like M$ Outlook include it?
Re: Zimmermann: More Pie Please
The Herbivore initiative is a standard for automagically exchanging key signatures in mail headers.
Re: Zimmermann: More Pie Please
Thawte used to do PGP key signings based on email turnaround. They stopped about a year or two ago. They still (as far as I know) issue free S-MIME certs, including having a web-of-trust program for adding your name to the cert, rather than just your verified email address.
Re: Zimmermann: More Pie Please
Nice report--almost feel like I was there. Something along
the lines of Becker's talk seems like the basis for a good
article.
Re: Zimmermann: More Pie Please
If that report makes you feel like you were there,
read Seth's.