Bug 659620 - Please look into possibilities of providing crypto/enhanced security hardware to developers (GnuPG, Nitrokey)
Summary: Please look into possibilities of providing crypto/enhanced security hardware...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Foundation
Classification: Unclassified
Component: Proposals
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Board of Trustees
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-06-29 20:25 UTC by Michał Górny
Modified: 2019-06-03 02:56 UTC
CC: 4 users

See Also:
Package list:
Runtime testing required: ---


Description Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2018-06-29 20:25:26 UTC
The GitHub takeover has resulted in reviving some of the discussions regarding crypto hardware.  Someone mentioned that Linux Foundation has made a deal with Nitrokey regarding equipping kernel devs with crypto hardware [1].  I would like to officially ask Trustees to look into the possibilities of equipping Gentoo devs with some kind of crypto hardware as well!

Since I'm not really up-to-date with all the fancy things, I'm CC-ing crypto@ for opinion on what kind of hardware could be of specific interest.

As to exact details of how to arrange it and for whom, I leave that up to Trustees.  I suppose we may want to set up some limitations (like minimal time in Gentoo).  It would be nice to try to cut a deal with some vendor (alike what LF did) or possibly find a sponsor.  Funding them from Gentoo money could be blurry legally, even if we can prove it's for the best interest of Gentoo.

[1]:https://www.nitrokey.com/news/2018/nitrokey-partners-linux-foundation-equip-all-linux-kernel-developers-nitrokey-usb-keys
Comment 1 Kristian Fiskerstrand (RETIRED) gentoo-dev 2018-06-29 20:44:10 UTC
[personal note: Even if getting sponsored equipment would always be nice, I don't really see it as the responsibility of the foundation to provide this to devs. Even if we got it, you'd incur shipping costs etc. This is cheap enough that you'd likely expect the developer to fund it out of their own pocket, similar to having a computer to begin with]

In terms of options, there are incoming patches to gnupg about using the built-in laptop TPM, see e.g. the FOSDEM talk here https://fosdem.org/2018/schedule/event/tpm/ , which reduces costs on many levels.

The most open alternative is gniibe's token / gnuk , but due to no HW acceleration that is rather slow for RSA although decent for ECC (but for various (good) reasons we don't offer that as an alternative in GLEP 63)

So directly token-wise that leaves Yubikey and Nitrokey (the cheaper Nitrokeys are based on gnuk so have the same slowness for RSA). For Yubikey I'm quite fond of my v3 but they went closed source for v4 so I wouldn't really recommend them on principle.

Then I'm more in favor of a gemalto card reader with sim-breakout OpenPGP smartcard (see e.g. https://www.floss-shop.de/en/security-privacy/smartcards/13/openpgp-smart-card-v3.3?c=11 , I don't immediately see their USB token size reader on that website any longer)
Comment 2 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2018-06-29 21:38:27 UTC
<hat type="treasurer">
While the costs may seem low for people in the Western world, they are not cheap to everybody. I would strongly encourage that there is an option to fund it for those who cannot otherwise do so. The Foundation CAN afford it, and it could be easily argued that it was a requirement vs personal benefit.
</hat>
Comment 3 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2018-07-03 22:31:19 UTC
Can some of the security & crypto people comment or work towards a minimum set of requirements? Ideally have your discussion on another list, and present the results on wiki, linked here.
Comment 4 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2018-07-03 22:58:52 UTC
(In reply to Robin Johnson from comment #3)
> Can some of the security & crypto people comment or work towards a minimum
> set of requirements? Ideally have your discussion on another list, and
> present the results on wiki, linked here.

Clarification: k_f did a product comparison above. I'm asking for requirements by which to evaluate what the product choice should be. e.g. which of gniibe or the various NitroKey & Yubikey models fit the requirements.
Comment 5 Aaron Bauman (RETIRED) gentoo-dev 2018-07-04 00:05:32 UTC
This is to document the Nitrokey options.

Information obtained from:

https://www.nitrokey.com/#comparison

Options available:
Nitrokey Storage (Exceeds requirements and is expensive.  Contains an encryptable mass storage)
Nitrokey Pro (Meets requirements)
Nitrokey Start (Meets requirements)
Nitrokey HSM (Does not support email encryption and is designed to store a lot of keys.  Does not meet requirements for single developer-use)
Nitrokey FIDO U2F (Available end of summer, but does not meet requirements)

Nitrokey Start (€ 29.00)
    - Does not support OTP
    - Supports 2048-4096 (4096 is not recommended due to operation time)
    - Supports 3 RSA key pairs
    - Supports 3 ECC key pairs
    - Firmware updates supported
    - Not considered tamper-resistant.

Nitrokey Pro (€ 49.00)
    - Supports OTP
    - Password manager built-in
    - 1024-4096 (No warnings regarding operation times at 4096)
    - Supports 3 RSA key pairs
    - No ECC support
    - Tamper-resistant
Comment 6 Aaron Bauman (RETIRED) gentoo-dev 2018-07-04 02:32:44 UTC
(In reply to Aaron Bauman from comment #5)
> This is to document the Nitrokey options.
> 
> Information obtained from:
> 

prometheanfire has shared that Nitrokey does offer updates for the pro:

https://github.com/Nitrokey/nitrokey-pro-firmware/releases
Comment 7 Aaron Bauman (RETIRED) gentoo-dev 2018-08-08 01:08:08 UTC
Update: We have received a quote from Yubikey and are pending a quote from NitroKey.  

Alice has also suggested products from https://www.u2fzero.com/ which I am currently looking into.  This will be added to the overall quotes and documentation submitted to the board for voting.
Comment 8 Aaron Bauman (RETIRED) gentoo-dev 2018-08-12 15:12:31 UTC
Quote received from Nitrokey for the Nitrokey Pro and shipping.
Comment 9 Aaron Bauman (RETIRED) gentoo-dev 2018-08-19 17:33:17 UTC
Email sent to trustees@ with the quotes and comparisons between the two vendors who provided them.

Additionally, (2) motions were requested for action at the AGM.
Comment 10 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2018-09-16 22:30:49 UTC
Per the trustees meeting of 2018/09/15, the Trustees passed on the following motions:

#agreed We shall spend Foundation funds to buy keys for Gentoo developers, for GPG signing.
#agreed We will move forward with the Nitrokey agreement
#agreed The agreement shall cover potential future developers and will require annual renewal

The following motion did NOT pass at this time:
Should the Foundation spend funds to purchase hardware tokens for 2FA purposes?


As a procedural followup, please ensure all submitted motions are present in the agenda. This item was nearly left off because it got lost from the agenda.
Comment 11 Chí-Thanh Christopher Nguyễn gentoo-dev 2018-09-21 11:59:47 UTC
I hope this is the correct place to ask/point out, but there are two versions of the Nitrokey Pro.

The original Nitrokey Pro, which does not support ECC:

(In reply to Aaron Bauman from comment #5)
> This is to document the Nitrokey options.
[...]
> Nitrokey Pro (€ 49.00)
[...]
>     - No ECC support

And the Nitrokey Pro 2, which supports ECC and has its product page linked in the gentoo-nfp announcement: https://archives.gentoo.org/gentoo-nfp/message/43c7979ddbd3169ab65737538bf82a75

Is there a clarification available whether the agreement is about Nitrokey Pro Version 1 or Version 2?
Comment 12 Thomas Deutschmann (RETIRED) gentoo-dev 2018-09-21 12:29:56 UTC
This is even more complicated. To my knowledge, only "Nitrokey Start" will support Curve25519 (and any other curve is not really what we want).
Comment 13 Alec Warner (RETIRED) archtester gentoo-dev Security 2018-09-21 13:10:03 UTC
(In reply to Thomas Deutschmann from comment #12)
> This is even more complicated. To my knowledge, only "Nitrokey Start" will
> support Curve25519 (and any other curve is not really what we want).

Glep53 clearly states:

"""
Primary key and the signing subkey are both of type EITHER:
RSA, >=2048 bits (OpenPGP v4 key format or later only)
ECC curve 25519.
"""

So EC25519 support is not required provided the keys do RSA >=2048 (and they do.) Note that I expect the lifetime of the keys to be 2-4 years, and we can always change which keys the agreement is about and do a refresh over time.

E.g. 5 years from now everyone will probably be on "key v2"; whatever that key is; presuming we continue funding this program.

-A
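As an added example (not from this bug report or any of its commenters), here is a small Python check of the key-type requirement quoted in comment 13: the primary key and the signing subkey must each be either RSA of at least 2048 bits or Curve25519. It parses the colon-delimited output of `gpg --list-keys --with-colons` (algorithm IDs per RFC 4880/RFC 6637, curve name in field 17 per GnuPG's DETAILS file). The sample keyring records below are constructed for illustration; the `(OpenPGP v4 key format or later only)` clause of the quoted text is not checked, because the colon format does not expose the key version directly.

```python
#!/usr/bin/env python3
"""Check OpenPGP keys against the quoted key-type requirement.

Added example, not part of the bug report. Reads `gpg --with-colons`
records and reports primary keys or signing subkeys that are neither
RSA >= 2048 bits nor on Curve25519 (ed25519 signing / cv25519 encryption).
"""
import subprocess
from dataclasses import dataclass

# OpenPGP public-key algorithm IDs (RFC 4880, RFC 6637, GnuPG's EdDSA id 22).
ALGO_RSA = {1, 2, 3}        # RSA (sign+encrypt, encrypt-only, sign-only)
ALGO_ECC = {18, 19, 22}     # ECDH, ECDSA, EdDSA; the curve name decides acceptance
CURVE25519 = {"ed25519", "cv25519"}
MIN_RSA_BITS = 2048


@dataclass
class KeyRecord:
    kind: str      # "pub"/"sec" = primary key, "sub"/"ssb" = subkey
    bits: int
    algo: int
    keyid: str
    caps: str      # capability letters, e.g. "scESC", "s", "e"
    curve: str     # curve name for ECC keys, empty for RSA


def parse_colons(text: str) -> list[KeyRecord]:
    """Parse the pub/sec/sub/ssb records of --with-colons output."""
    records = []
    for line in text.splitlines():
        f = line.split(":")
        if f[0] not in ("pub", "sec", "sub", "ssb"):
            continue
        f += [""] * (21 - len(f))      # pad short lines to the documented 21 fields
        records.append(KeyRecord(
            kind=f[0],
            bits=int(f[2] or 0),       # field 3: key length
            algo=int(f[3] or 0),       # field 4: public-key algorithm id
            keyid=f[4],                # field 5: key id
            caps=f[11],                # field 12: key capabilities
            curve=f[16],               # field 17: curve name
        ))
    return records


def key_acceptable(rec: KeyRecord) -> bool:
    """RSA >= 2048 bits, or an ECC key on Curve25519."""
    if rec.algo in ALGO_RSA:
        return rec.bits >= MIN_RSA_BITS
    if rec.algo in ALGO_ECC:
        return rec.curve.lower() in CURVE25519
    return False                       # DSA, ElGamal, unknown: not allowed


def check_keyring(text: str) -> list[str]:
    """Return human-readable findings; an empty list means the keys comply."""
    findings = []
    for rec in parse_colons(text):
        is_primary = rec.kind in ("pub", "sec")
        is_signing_sub = rec.kind in ("sub", "ssb") and "s" in rec.caps
        if not (is_primary or is_signing_sub):
            continue                   # encryption/auth subkeys are outside the quoted rule
        if not key_acceptable(rec):
            role = "primary key" if is_primary else "signing subkey"
            curve = f" {rec.curve}" if rec.curve else ""
            findings.append(f"{role} {rec.keyid}: algo {rec.algo}, {rec.bits} bits{curve}")
    return findings


def check_local_key(keyid: str) -> list[str]:
    """Run gpg on a real key id (assumes gpg is installed and on PATH)."""
    out = subprocess.run(["gpg", "--with-colons", "--list-keys", keyid],
                         capture_output=True, text=True, check=True).stdout
    return check_keyring(out)


# Constructed sample records (not real keys): compliant RSA-4096, compliant
# ed25519, and a non-compliant keyring with an RSA-1024 primary and a
# NIST P-256 signing subkey.
SAMPLE_OK_RSA = """\
pub:u:4096:1:0123456789ABCDEF:1530000000:1593000000::u:::scESC::::::23::0:
uid:u::::1530000000::0000000000000000000000000000000000000000::Example Dev <dev@example.invalid>::::::::::0:
sub:u:4096:1:1111111111111111:1530000000:1593000000:::::s::::::23:
sub:u:4096:1:2222222222222222:1530000000:1593000000:::::e::::::23:
"""
SAMPLE_OK_ED25519 = """\
pub:u:256:22:3333333333333333:1530000000:::u:::scESC:::::ed25519:23::0:
"""
SAMPLE_BAD = """\
pub:u:1024:1:4444444444444444:1530000000:::u:::scESC::::::23::0:
sub:u:256:19:5555555555555555:1530000000::::::s:::::nistp256:23:
"""

if __name__ == "__main__":
    for name, sample in (("rsa", SAMPLE_OK_RSA), ("ed25519", SAMPLE_OK_ED25519), ("bad", SAMPLE_BAD)):
        print(name, check_keyring(sample) or "OK")
```

Feed it real data with `gpg --with-colons --list-keys <keyid> | python3 glep_keycheck.py` style plumbing or `check_local_key("<keyid>")`; the comparison is deliberately done on the algorithm id plus curve name rather than on the printed algorithm string, which varies between GnuPG versions.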
Comment 14 Alec Warner (RETIRED) archtester gentoo-dev Security 2018-12-26 18:51:40 UTC
(In reply to Robin Johnson from comment #10)
> Per the trustees meeting of 2018/09/15, the Trustees passed on the following
> motions:
> 
> #agreed We shall spend Foundation funds to buy keys for Gentoo developers,
> for GPG signing.
> #agreed We will move forward with the Nitrokey agreement
> #agreed The agreement shall cover potential future developers and will
> require annual renewal
> 
> The following motion did NOT pass at this time:
> Should the Foundation spend funds to purchase hardware tokens for 2FA
> purposes?
> 
> 
> As a procedural followup, please ensure all submitted motions are present in
> the agenda. This item was nearly left off because it got lost from the agenda.

Just as a followup, we are currently going through the process of signing a contract with Nitrokey although I suspect Holiday Vacations to delay final signing until the 2019 calendar year. Prospects are good that signature will happen in early January.

-A
Comment 15 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2019-01-13 00:47:48 UTC
(In reply to Chí-Thanh Christopher Nguyễn from comment #11)
> Is there a clarification available whether the agreement is about Nitrokey
> Pro Version 1 or Version 2?
Nitrokey Pro v2 specifically
Comment 16 Aaron Bauman (RETIRED) gentoo-dev 2019-04-15 22:22:18 UTC
security has provided their input regarding this already.  security out.
Comment 17 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2019-06-03 02:56:03 UTC
This has been completed!