The Linux kernel's development process makes use of PGP. The most relevant part
here is that subsystem maintainers are supposed to use signed tags in their
pull requests to Linus Torvalds. As the concept of keyservers is considered
broken,
Konstantin Ryabitsev maintains a collection of relevant keys in a git
repository.
As of today (at commit a0bc65fb27f5033beddf9d1ad97d67c353849be2) there are 602
valid keys tracked in that repository. The requirement for a key to be added
there is that there must be at least one trust path from Linus Torvalds' key to
that key of length at most 5 within that keyring.
Occasionally it happens that a key loses its trust paths because someone in
these paths replaced their key, or keys expired. Currently this affects 2 keys.
However there is a problem on the horizon: GnuPG 2.4.x started to reject
third-party key signatures using the SHA-1 hash algorithm. In general that's
good; SHA-1 hasn't been considered secure for more than 20 years.
This doesn't directly affect the kernel-pgpkeys repo, because the trust path
checking doesn't rely on GnuPG trusting the signatures; there is a dedicated
tool that parses the keyring contents and currently accepts signatures using
SHA-1. Also, signatures are usually not thrown away, but there are exceptions:
recently Theodore Ts'o asked to update his certificate.
When Konstantin imported the updated certificate GnuPG's "cleaning" was applied
which dropped all SHA-1 signatures. So Theodore Ts'o's key lost 168 signatures,
among them one by Linus Torvalds on his primary UID.
That made me wonder what would be the effect on the web of trust if all SHA-1
signatures were dropped. Here are the facts:
- There are 7976 signatures tracked in the korg-pgpkeys repo that are
  considered valid, 6045 of them use SHA-1.
- Only considering the primary UID, Linus Torvalds directly signed 40 public
  keys, 38 of these using SHA-1. One of the two keys that is still "properly"
  signed doesn't sign any other key. So nearly all trust paths go through a
  single key.
- When not considering SHA-1 signatures there are 485 public keys without a
  trust path from Linus Torvalds of length 5 or less. So today these 485
  public keys would not qualify to be added to the pgpkeys git repository.
  Among the people being dropped are Andrew Morton, Greg Kroah-Hartman, H.
  Peter Anvin, Ingo Molnar, Junio C Hamano, Konstantin Ryabitsev, Peter
  Zijlstra, Stephen Rothwell and Thomas Gleixner.
- The size of the kernel strong set is reduced from 358 to 94.
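To make the trust-path and strong-set analysis concrete, here is an added example (my own illustration, not the kernel-pgpkeys tool) that runs the same computation over a small constructed signature graph with hypothetical key names, once accepting SHA-1 certifications and once dropping them. It assumes "strong set" means the keys mutually reachable with the root key.

```python
from collections import deque
# Constructed sample web of trust (hypothetical key names, not real key IDs).
# (signer, signee, hash): "signer certified signee's primary UID using hash".
SIGNATURES = [
    ("ROOT", "A", "SHA1"), ("ROOT", "B", "SHA256"),
    ("A", "C", "SHA1"), ("A", "D", "SHA256"),
    ("C", "E", "SHA256"), ("D", "ROOT", "SHA1"),   # D and ROOT signed each other
    ("E", "F", "SHA256"), ("F", "G", "SHA256"),
    ("G", "H", "SHA256"),                           # H sits 6 hops from ROOT
    ("B", "B2", "SHA256"),
]
def build_graph(sigs, allow_sha1=True):
    """Adjacency map signer -> set(signees); SHA-1 certifications dropped on request."""
    graph = {}
    for signer, signee, algo in sigs:
        graph.setdefault(signer, set())
        graph.setdefault(signee, set())
        if allow_sha1 or algo != "SHA1":
            graph[signer].add(signee)
    return graph

def reachable_within(graph, root, max_len):
    """BFS: keys with a trust path from root of length <= max_len, excluding root."""
    dist, queue = {root: 0}, deque([root])
    while queue:
        key = queue.popleft()
        if dist[key] == max_len:
            continue
        for nxt in graph[key]:
            if nxt not in dist:
                dist[nxt] = dist[key] + 1
                queue.append(nxt)
    return {k: d for k, d in dist.items() if k != root}

def keys_without_trust_path(sigs, root="ROOT", max_len=5, allow_sha1=True):
    """Keys that would not qualify for the repo: no path from root of length <= max_len."""
    graph = build_graph(sigs, allow_sha1)
    reach = reachable_within(graph, root, max_len)
    return sorted(k for k in graph if k != root and k not in reach)

def strong_set(sigs, root="ROOT", allow_sha1=True):
    """Keys mutually reachable with root (its strongly connected component), any length."""
    fwd = build_graph(sigs, allow_sha1)
    rev = build_graph([(b, a, h) for a, b, h in sigs], allow_sha1)  # reversed edges
    n = len(fwd)
    both = set(reachable_within(fwd, root, n)) & set(reachable_within(rev, root, n))
    return sorted(both | {root})

if __name__ == "__main__":
    for sha1 in (True, False):
        print("SHA-1 allowed" if sha1 else "SHA-1 dropped",
              keys_without_trust_path(SIGNATURES, allow_sha1=sha1),
              strong_set(SIGNATURES, allow_sha1=sha1))
```

Dropping the two SHA-1 certifications issued by ROOT and A disconnects every key behind them, mirroring how most real trust paths run through a few SHA-1-signed hubs.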
If you attend Embedded Recipes 2025 next
week, there is an opportunity to improve the situation: Together with Ahmad
Fatoum I'm organizing a keysigning session. If
you want to participate, send your public key to
er2025-keysigning@baylibre.com before
2025-05-12 08:00 UTC.