Robot CA <robotca@toehold.com>

Installation instructions
Perl source (sig) (under the GNU General Public License)
INI file settings
Submission form
Things on this page

News

March 5, 2004: New code: Improved UTF8 handling (needs testing). Should work better across versions because I'm using --status-fd instead of human-readable prompts. Should be able to sign keys that have its own (but expired) signature, thanks to Peter Pramberger.

What is it?

Basically, it's a program that signs PGP keys automatically. The point is only to verify the email address on the key, not to verify the identity of the email address's owner.

Credits

Phil Zimmermann came up with the idea for the Robot CA. This implementation is by Kyle Hasselbacher. I've gotten good feedback from Todd MacDermid, and Jim Efaw gave me feedback before I started. I also credit Seth Schoen's "Casual PKI and making e-mail encryption easy" article for introducing the idea to me.

What's the use?

Given a PGP key signed by a Robot CA, you know that the key really does belong to the email address on it. You know that it's not a key that someone else phonied up to pretend to be that email address.

With some support in mail readers, this could be used to automatically encrypt for people who support it. If the mailer automatically encrypts for keys signed with the robot, the user doesn't have to worry about an attacker sending a phony key with the recipient's email address.

How it works

You email it (robotca@toehold.com) or submit via web form a public key, and it examines it to find an email address. It signs the key and mails it back at that address. If it sees more than one UID, it signs them each in turn, emailing them to their various addresses. It will send its own public key back along with the user's.

It returns no diagnostics on failure. It either works, or you don't hear back from it. It only accepts ASCII armored public key blocks as input (no MIME!). It ignores email headers.

Possible problems

If you don't get a reply, check these cases.

Your key is not ASCII armored.
You sent something MIME encoded.
There's no email address in your uid. It expects an email address to be in angle brackets: <joe@example.com>.
It aborts if it sees the same ID string twice.
It won't sign keys for the same email address more than once in 24 hours.
It won't sign a key that already has its signature.
It won't sign a key with an ID string that looks just like the Robot itself.
It won't sign an expired key.
Of course, it could just be broken. Email the operator.

Robot's key fingerprint

The robot's public key has my signature on it.

pub  1024D/C521097E 2002-11-24 Robot CA (http://www.toehold.com/robotca/) <robotca@toehold.com>
     Key fingerprint = 9A53 74CE 8CC3 13FB E2D2  1183 1058 1685 C521 097E

Robot's old key fingerprint

This was the robot's key before November 27, 2002. It changed to the new key because I lost the secret key to this one in a disk failure.

pub  1024D/8A7C07CD 2002-11-16 Robot CA <robotca@toehold.com>
     Key fingerprint = 8892 8E43 A246 6979 ED0F  109C 1989 CFC6 8A7C 07CD

Public Keys

External links

My own Kuro5hin articles
- Robot CA: toward zero-UI crypto
- Easy hard crypto
An article about Robot CA in Spanish
Other articles about making encryption easier.
- Casual PKI and making e-mail encryption easy by Seth Schoen
- Returning privacy to E-mail by Brad Templeton
Projects with similar goals.
- ImperialViolet Email Verifier does the same thing with a challenge response system.
- keysigners.org also uses a challenge.
- Keystory builds historical data on key usage.
Accounts of Phil Zimmermann talking about it
- Linux Journal mention
- First hand account from ALS
Maling list threads
- GnuPG-users mentioned it in a thread about making crypto easier.
- The thread I started in gnupg-users
- Long thread about it on [linux-elitists]
- Start of a thread on [keysignings]