The CryptoRights Foundation:

CRF PGP Key Generation (KeyGen) Guidelines

Revision: 0.8.5 *PRELIMINARY DRAFT*

Updated (YYYY-MM-DD): 2002-10-12

Location: <http://www.cryptorights.org/keys/keygen/>

Sections shown below in [square brackets] are either still to be written or are under revision. We always need volunteers to help us improve this and other documents, so please contact us if you can contribute!

NOTE: These policies may be superseded for an individual CRF project by the "442_KeyGenGuide.html" file in that Project's "ProjectBook" documentation.


Table of Contents:

  • Introduction to CRF Key Generation
  • Author & Contributors
  • Feedback
  • Key Generation Overview
  • Key Generation Using PGP
  • Key Generation Using GnuPG (GPG)
  • After Key Generation
    • Signing the CRF Root Key
    • Things to Avoid Doing
    • Submitting Your Key to CryptoRights

      Introduction to CRF Key Generation

      The following guidelines describe how to generate a PGP key within guidelines that are compatible with the CryptoRights PKI Documentation under construction. The CRF PKI is part of a larger CryptoRights Foundation project to design a Universal Security Policy for Human Rights (CRF-USPHR). The CRF-USPHR is a complex set of documents which are currently under construction: as each document is made publicly available, the current versions will be listed at the USPHR Project page [forthcoming]. If you would like to contribute to the USPHR project in any way, please contact the CRF Keymaster!


      Feedback

      These key generation policies are necessary to establish standard security procedures for our human rights security work. Your feedback about ways to improve our methods or documentation is important and appreciated: please email it to the CRF Keymaster at your convenience. PGP-encrypted messages are welcome but certainly not required; if you wish to receive an encrypted reply, please include your own PGP key.


      Key Generation Overview

      Once you've acquired and installed the PGP or GPG software (see: Software You Need), there are several issues you should consider, and configure your hardware and software for, before actually generating your keypair. These include the properties of the key you'll be generating that are specific to you (they'll bind your identity to the cryptographic key), the cipher preferences (which will be hardwired into your key), the CRF's introducer keys, your network connection (a security risk), and issues specific to the software you've selected for your particular hardware platform.

      Software You Need

      Before beginning these procedures, we assume that you have obtained the necessary PGP/GPG client source code or PGP/GPG binary software installers, either from CRF (preferred) or the Internet. Obtaining those distributions, installing them and checking the signature on them to be sure you have not received software that has been tampered with is your responsibility. To be absolutely sure that your current installation is a valid distribution, we strongly advise you to re-install PGP from an installer on which you immediately check the detached PGP signature using the software you have installed.

      Windows

      For Windows users, we strongly recommend PGP 7.0.4 (which is version 7.0.3 patched as noted below), which should be compatible with releases up to and including Windows 98/ME/NT/2000. Users running Windows XP or newer may need to obtain newer custom versions such as PGPckt (which may work with XP but which also add non-interoperable features we do not recommend using, e.g. super-large keysizes). If you cannot use PGP 7.0.4, the ZEDZ and the Radiusnet crypto archives are good for locating hard-to-find versions of PGP. Note that, although CRF does not normally allow Windows OS machines on its networks due to the many security concerns (sophisticated viruses and/or known weaknesses in the OS can lead to compromise of your private key and/or passphrase), if you run Windows on your personal machine, we recommend taking all possible security precautions with your Windows OS before generating keys and storing your keys on a removable device when not in use. CRF plans to release some security guidelines for Windows users as part of our long-term goal to produce a comprehensive security policy for NGOs.

      NOTE: PGP 7.0.3 freeware for Windows 9x/ME/NT/2000 should be patched with these two Hot Fix files to correct specific vulnerabilities.

      Macintosh

      For Apple Macintosh users with MacOS 8.x and 9.x, we currently recommend PGP 7.0.3 because the source code is available and reviewable (this does not guarantee security, but does offer the opportunity). PGP 7.1 is also probably acceptable for use if necessary, although the source code has not been released by Network Associates (in violation of their original agreement with PGP Inc) and the installer automatically adds unnecessary software modules (e.g. PGPnet, which can/should be disabled or removed).

      Users with MacOS X (a new BSD UNIX-based graphical operating system) will need to obtain the most up-to-date MacGPG client software.

      NOTE: PGP 7.0.3 freeware for Macintosh should be patched with the Hot Fix to correct a vulnerability.

      Linux/*NIX

      For Linux and Unix users, we recommend GPG 1.0.x. For very old *nix operating systems, the ZEDZ crypto archive may help you locate hard-to-find old versions of PGP.

      NOTE: CryptoRights is working with the GnuPG Development Group to produce a CRF-specific release (snapshot) of GPG. When it becomes available, we will link to it here.

      Introducer Keys

      After downloading the PGP or GPG software and installing and verifying it, but BEFORE you generate your own keypair, you must have certain critical CRF introducer keys present on your keyrings to benefit from the CryptoRights Public Key Infrastructure by allowing it to introduce other peoples' keys to you as validly trusted keys. By trusting these very reliable "root" and "role" keys, you will easily and quickly be able to communicate securely with many other people participating in the CRF community's PKI.

      Using a standard web browser and the PGPkeys application, PGP users can select the PGP Key Blocks on each of the webpages below (being sure to include all of the dashes at the beginning and end of the key blocks) and either Paste the contents of the clipboard into PGPkeys, or save the Key Block into a TEXT file and use the Keys menu's Import command.

      Obtain the following three CRF public keys and immediately Import them onto your keyrings:

      Networks & Viruses

      The serious threats that network security exploits and covert computer viruses pose to workstations are an often neglected but important issue that becomes critical during cryptographic key generation.

      After obtaining --but before installing-- encryption software for your computer, we strongly recommend downloading an anti-virus utility (if you do not have one already) and using it to check all storage devices connected to your keygen hardware.

      All users, and Windows users in particular, are vulnerable to viruses (e.g. 'trojan FTP' viruses that send files on your computer to remote sites) and to other executables that can damage a keyring file, or that are specifically designed to capture PGP keyring files and the keystrokes of passphrases, or to delete PGP keyrings or other critical files.

      We strongly recommend that you physically disconnect (unplug) your keygen computer from any network services before beginning the keygen process, run a full virus diagnostic (with the latest virus database update file) and only reconnect it after you have made a secure backup of your keypair (and a key revocation certificate if applicable) on separate removable media.

      If you have wireless network connectivity, you could also physically disconnect your wireless device (e.g. unplug the radio modem or remove the 802.11 WAN card).

      Please remember that if your key is compromised, you could compromise the security of other CRF staff, volunteers and clients, resulting in serious repercussions: please don't be the person who fails to take this easy precaution and thereby places others at risk.

      Required Key Properties

      Your CryptoRights key must have certain Properties (unless it is a special purpose key not within the scope of this document):

      • Your Full Name (e.g. John Smith, or if this is a "role" key, e.g. "Administrator", use that title).
      • Your CryptoRights Email Address (determined by prior arrangement with the CryptoRights Postmaster, and consisting of your CRF UserID at the cryptorights.org domain, e.g. "jsmith@cryptorights.org").
      • Key type is Diffie-Hellman (DH) key (an OpenPGP Type 4 key generated by PGP v5.x or higher, or GnuPG)
      • Encryption Key size is 4096 bits (maximum size possible is preferred, but at least 3100 bits)
      • Key expires in two (2) years or sooner (new PGP users should set a 6-month expiry period as a safety while they learn PGP)
      • The Designated Revoker key is set to the CryptoRights Keymaster key [KeyID: 0xFD7DE423].

      Using the graphical PGP freeware (either the old 2.6.x versions from MIT or the newer versions formerly from NAI) or GPG, generate a new DH key ONLY with these properties.

      Cipher Preferences

      When generating a keypair, a symmetric key cipher algorithm preference may be specified. This allows an organization to use the best-known and most trusted symmetric algorithm from among those built into PGP, and to refuse to use any that may for any reason be considered weak or cryptographically vulnerable.

      CRF's preferred symmetric encryption cipher is 3DES, also written as "TripleDES" (and pronounced "triple-DEZZ"), due to its superior cryptographic security, as determined by a large community of cryptological mathematicians over a substantial period of time. We have contacted several internationally-recognized cryptographers and received their best advice on this specific preference. If you have questions or comments on this choice, please email them to the CRF Keymaster for consideration.

      Passphrase Preparation

      The single most important 'property' of your key, and the one which is stored only in your head and (ideally) never written down, is your passphrase. Note that we intentionally use the term "passPHRASE" because a single word (a password) does NOT provide acceptable security. Your passphrase is the "weak link" in the entire PGP system: therefore, it is also the first point of attack for those wanting to break into your secure communications or to impersonate you by forging your digital signature. We recommend that you have a suitable passphrase ready in your mind before you begin the key generation process.

      The passphrase for your CRF keypair should be unique: it should be different from any other passphrases you use, especially any login passwords for your computer, your network account, encrypted disks, etc.

      A good passphrase is long (a minimum of 8, and optimally 15-20, characters), and uses both alphabetic (abc...xyz) and numeric (123...0) characters, as well as punctuation ($!,-'=+, etc).

      Your passphrase should be easy for you to remember, but very hard for others to guess (i.e. do not use your birthday or your spouse's name or your automobile's license plate number). A good technique is to construct a phrase you can remember from combinations of letters, numbers and punctuation, for example:

         2b R not 2b...that iz D qw3st10n

      If this is the very first PGP key you have ever generated, it may be advisable to treat this key as a "training key" that you will discard after a few weeks or months of use, i.e. once you're comfortable using PGP. New PGP users often forget their passphrase or make other simple errors as they familiarize themselves with the use of these communications security tools. Therefore, for such training key exercises, a relatively easy passphrase is acceptable, since you will eventually switch to a more secure key with a more robust/secure passphrase. Please let the Keymaster know if this is your situation.


      Key Generation Using PGP

      This section describes the procedure for generating a policy-compliant PGP key using the freeware formerly published by PGP.com/NAI (the commercial software works the same way, so these guidelines still apply).

      Setting Up for KeyGen Using PGP

      Launch the PGPkeys application. Open the Options dialog (Preferences on the Macintosh).

      NOTE: If you are a 'corporate' PGP user with preset 'Administrator' preferences that you cannot modify, please contact the CRF Keymaster before continuing. You can tell if this is the case by looking at your Options/Preferences in PGPkeys: if any of them are grayed out (locked so you cannot change them), then you have 'Admin' prefs.

      In the General panel, turn "Faster Key Generation" OFF (un-check the checkbox). This forces PGP to generate fresh prime numbers for your keypair, and while this may take slightly longer, it makes your key more secure.

      PGP Cipher Preferences in PGP

      Although the required symmetric encryption algorithm in the OpenPGP specification is 3DES (see RFC 2440 page 49), the default algorithm in PGP is CAST (specifically the 128-bit CAST-5 variant). The cryptographers we consulted have unanimously confirmed their preference for 3DES (Triple-DES) over CAST, so we therefore require new keys in the CRF PKI to select that algorithm. Please change the preferred symmetric cipher setting BEFORE generating your keypair using the following steps:

      Open the PGPkeys application's Options dialog. Click on the "Advanced" panel.

      1. In the Options/Preferences dialog in PGPkeys (for Windows and Macintosh).
      2. Click on the "Advanced" tab (see Figure 1 below).
      3. Set the "Preferred Algorithm" (popup menu) to "TripleDES".
      4. Un-check the "Twofish" item.
      5. In the "Trust Model" area, enable (turn ON) the "Display marginal validity level" item.
      [Figure 1, a screen capture of the PGP Advanced Preferences — Symmetric Ciphers preferences]

      Figure 1: CRF's cipher preferences are displayed in this dialog from PGPkeys.

      Key Generation with PGP

      Launch the PGPkeys application.

      In the Keys menu, select the New Key command to open the Key Generation Wizard/Assistant.
      Click on the "Expert" button.

        [Expert button]

      Enter your Full Name and your Email Address.

      Set the Key Type to DH/DSS (Diffie-Hellman).

      Set the Key Size to 4096 (minimum 3100 bits).

      Set the Expiration for Six (6) Months from the date of key generation.

      [Figure 2, a screen capture of the PGP freeware KeyGen Assistant Dialog (Expert Option)]

      Figure 2: the PGP Key Generation Wizard dialog, with the 'Expert' option screen items displayed.

      Once you have completed these settings, proceed to the next screen and enter the Passphrase you pre-determined above. Proceed to the next screen.

      NOTE: If your version of PGP supports "Key Reconstruction", you may optionally follow those instructions at this time. This is a useful feature, however because it is not a standard method that has been well-reviewed in public, the security implications are not well-understood. Therefore, because CRF uses a Designated Revoker (see below), Key Reconstruction is not necessary.

      Generate randomness by moving your mouse/cursor and pressing various keys on your keyboard for the best results. PGP requires randomness to seed the prime numbers that form the cryptographic keypair(s), using human-influenced input as well as system activity (hard disk access, etc). Remember that randomness is what makes your key completely unique and difficult for cryptanalysts to guess.

      PGP will now begin generating your keypair. On very slow machines, this may take quite some time, so be patient and if necessary have something else to do while you wait for the keygen process to complete.

      [Figure 3, a screen capture of the PGP Key Properties dialog showing CRF requirements]

      Figure 3: The Key Properties dialog for John Smith's PGP keypair.

      When the keypair generation is finished, PGP will beep and display a completion message. Close the Key Generation Wizard dialog and inspect your key in the PGPkeys listing. Select your key and use the Keys menu's "Get Properties" command to display the Key Properties. Your Key Properties should be similar to those in Figure 3.

      Close the Key Properties dialog.

      Adding the Designated Revoker

      CRF uses the Designated Revoker (aka DR or DesRev) feature to protect CRF staff/volunteers and the CRF organization's PKI from keys and/or people which/who become compromised. When you add a DR, you allow that key the ability to revoke the Public Key so that others will not use it. CRF uses the CRF Keymaster key as the organization's Designated Revoker key (it also acts as CRF's main Trusted Introducer key). The Keymaster key is itself certified by the CRF Root Key. In the future, we plan to use the PEASOUP Project's [link forthcoming] work to divide our DR key among a group of Keymasters for additional security.

      Launch the PGPkeys application (if it isn't already open).

      Select your Keypair in the PGPkeys listing. Your keypair (the public and secret halves) has a small "face" icon that differentiates it from the public keys of other people (Figure 4).

      [Figure 4, a screen capture of the Key(pair) display in PGPkeys listing]

      Figure 4: PGPkeys listing, displaying Owner's Keypair with "face" icon (in red square).

      In the Keys menu, select the Add > Revoker... command.

      A listing of all the keys on your keyring will appear: because you already imported the CRF Keymaster key in the preparations above, it will appear in the listing [KeyID: 0xFD7DE423]. Select the Keymaster key and proceed. PGP will warn you about DR keys (click OK) and then prompt you for your passphrase. Enter your passphrase and click OK to complete the process.

      Use the Keys menu's Get Properties command again and note the addition of the "Revokers" tab at the top (as shown in Figure 3).

      You can now proceed directly to the section below about "Submitting Your Key to CryptoRights".


      Key Generation Using GnuPG (GPG)

      Instructions for GPG 1.2.2 Windows and Linux versions

      You can use GnuPG to generate a CryptoRights PGP key manually by following the key property guidelines in this section (which mirror those above in the PGP section), or by using the script described below to assist you (except MacOS X).

      Note that your preferred symmetric cipher should be set to "3DES" before you begin.

      In the six steps below, we'll describe the commands you type for manual key generation, which give you better control over the process. Then, we'll describe how to create the KRC to be sent to the CRF Keymaster, and how to back up your secret and public key files.

      Manual GPG Key Generation

      Step 1: Generate Your GPG Keypair


      At the system command-line prompt, type:

      
            gpg --gen-key

      When GPG asks you to "Please select what kind of key you want:", select option (1) DSA and ElGamal (default).

      GPG will automatically select a key size of 1024 bits for your DSA (Digital Signature Algorithm) subkey.

      Next, GPG will ask "What keysize do you want?", (referring to your ELG-E, or El Gamal Encryption, keypair). You should type "4096" for the largest possible key size.

      Next, GPG will ask you to "Please specify how long the key should be valid" (as below), and you should set that to "3m" for three months, "6m" for six months, or "1y" for one year, depending on your agreement with the CRF Postmaster:

      
            Key is valid for? 3m

      When asked "Is this correct (y/n)?", confirm it by responding "y" for "yes".

      Next you specify your UserID, which is your Full Name plus your CRF Email alias/address. This was already selected by you and confirmed as unique by the CRF Postmaster, so you can enter the string as follows:

      GPG constructs the UserID from three separate strings: Real Name, Comment and Email Address in this form:

      
            Real name: [type your Full Name here, e.g. John Smith]
            Email address: [type {your CRF email UserID}@cryptorights.org here, e.g. jsmith@cryptorights.org]
            Comment: [leave this field EMPTY, as CRF does not use the Comment field]

      GPG will then ask you to confirm or change the UserID field. Edit it if necessary or confirm it.

      Next, GPG will ask you to set, and confirm, your Passphrase. See the notes above on good passphrase selection. NEVER FORGET your passphrase!

      GPG will now generate randomness to seed the prime numbers that form the cryptographic keypair(s) using certain human-influenced inputs (keyboard and mouse activity), as well as system activity (hard disk access, etc). Press various keys on your keyboard and move your mouse/cursor/etc for the best results. Remember that randomness is what makes your key completely unique and difficult for cryptanalysts to guess. GPG will display:
      
            +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
            +++++..+++++++++++++++.+++++...+++++++++++++++..+++++++++++++++>++++++++++.
            ..+++++..............+++++
            public and secret key created and signed.


      Step 2: Set 3DES as the default Cipher

      Once you have completed Step 1 above, you must change the default Cipher to 3DES. Type the following commands at the system prompt:

      
            gpg --edit-key YOUR_USERID@cryptorights.org

      At the Command> prompt, type the following:

            Command> setpref S2 H2 H3 Z2 Z1
            Command> updpref

      When GPG confirms the new preference list, type y to update the preferences, and type in your passphrase when prompted to do so.

            Current preference list: S2 H2 H3 Z2 Z1 [mdc]
            Really update the preferences? y

            You need a passphrase to unlock the secret key for
            user: "YOUR_FULL_NAME "

      Finally, when the preferences have been saved, type save at the Command> prompt:

            Command> save

      then exit PGP and continue to Step 3.


      Making Your Key Revocable

      Step 3: Assign Keymaster as a Key Revoker

      Once you have completed Steps 1 and 2 above, you must nominate keymaster as a revoker for your Public Key. Type the following command at the system prompt:

      
            gpg --edit-key YOUR_USERID@cryptorights.org

      GPG will confirm the specific Public Key you are editing as follows:

      
            pub  1024D/NNNNNNNN  created: YYYY-MM-DD expires: YYYY-MM-DD trust: u/u
            sub  4096g/NNNNNNNN  created: YYYY-MM-DD expires: YYYY-MM-DD
            (1). YOUR_FULL_NAME 

      At the Command> prompt, type:

      
            Command> addrevoker

      When GPG asks you to "Enter the user ID of the designated revoker: ", you enter FD7DE423:

      
            Enter the user ID of the designated revoker: FD7DE423

      GPG will confirm the Keymaster's key as follows:

            pub  1024D/FD7DE423 2003-06-10   CRF Keymaster 000 
              Primary key fingerprint: 6464 9C62 6263 D1AD E444  455D 4F26 67E1 FD7D E423

      Check the Fingerprint carefully to make sure it is that of the CRF Keymaster.

      When GPG prompts you as follows:

      
            WARNING: appointing a key as a designated revoker cannot be undone!
            Are you sure you want to appoint this key as a designated revoker? (y/N):

      Type y to confirm.

      Step 4: Save Your Secret & Public Keys

      To save your Secret Key into a separate file (which you should back up in case of system failures), type the following command at the system prompt:
      
            gpg -a --output YOUR_USERID-crf-secret.asc --export-secret-keys --no-comment YOUR_USERID@cryptorights.org

      To save your Public Key into a separate file (back this up also!), type the following command at the system prompt:

      
            gpg -a --output YOUR_USERID-crf-public.asc --export --no-comment YOUR_USERID@cryptorights.org



      Step 5: Your GPG Public Key & KRC Files

      In the steps above, you generated three output files. Two of these files:

            YOUR_USERID-crf-public.asc   (your Public Key)
            YOUR_USERID-crf-revoke.asc   (your Revoked Public Key)

      should be sent as soon as possible to the CRF Keymaster as described in the section below on Submitting Your Key to CryptoRights.

      The other file containing your Secret Key:
      
            YOUR_USERID-crf-secret.asc

      should never be sent to anyone. You should back this file up immediately in case anything happens to you or your hard disk/etc. We recommend using removable media, and hard disk cartridges are more reliable than floppy disks. If you must use floppy disks, we recommend making multiple key backup floppies (in case one of the floppy disks goes bad). These should be locked into a small fireproof safe, a bank deposit box or somewhere similarly safe. Remember that your Secret Key is itself protected by the strength (i.e. the length and complexity) of your passphrase.
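
      Before sending the public key to the Keymaster, the key can be checked against the Required Key Properties listed earlier. The following is an added example, not CRF's own tooling: the function name check_crf_key and both sample listings are constructed for illustration, and it assumes GnuPG's colon-delimited listing with epoch timestamps (--with-colons --fixed-list-mode). The revoker fingerprint is the one printed in Step 3.

```shell
#!/bin/sh
# Added example: checks one key's colon listing against the CRF key properties.

# CRF Keymaster fingerprint as printed in Step 3 above (spaces removed).
CRF_REVOKER_FPR=64649C626263D1ADE444455D4F2667E1FD7DE423
# Two years in seconds, allowing for one leap day.
MAX_LIFETIME=$((731 * 86400))

# Reads a colon listing on stdin, prints one "FAIL:" line per violation,
# and returns non-zero if any property is not met.
check_crf_key() {
    awk -F: -v revoker="$CRF_REVOKER_FPR" -v maxlife="$MAX_LIFETIME" '
        function fail(msg) { print "FAIL: " msg; bad = 1 }
        # pub record: field 4 = algorithm, 6 = created, 7 = expires
        $1 == "pub" {
            seen_pub = 1
            if ($4 != 17) { fail("primary key is not DSA (algorithm " $4 ")") }
            if ($7 == "") {
                fail("key never expires")
            } else if ($7 - $6 > maxlife) {
                fail("key lifetime exceeds two years")
            }
        }
        # sub record: algorithm 16 is the ElGamal encryption subkey
        $1 == "sub" && $4 == 16 {
            seen_elg = 1
            if ($3 < 3100) { fail("encryption subkey is " $3 " bits, minimum is 3100") }
        }
        # rvk record: field 10 = fingerprint of the designated revoker
        $1 == "rvk" && toupper($10) == revoker { seen_rvk = 1 }
        # uid record: field 10 = the UserID string
        $1 == "uid" {
            uids++
            if ($10 !~ /<[^<>@ ]+@cryptorights\.org>$/) {
                fail("UserID is not a cryptorights.org address: " $10)
            }
            if ($10 ~ /\(/) { fail("UserID carries a comment: " $10) }
        }
        END {
            if (!seen_pub) { fail("no public key record found") }
            if (!seen_elg) { fail("no ElGamal encryption subkey") }
            if (!seen_rvk) { fail("CRF Keymaster is not a designated revoker") }
            if (uids != 1) { fail("expected exactly one UserID, found " (uids + 0)) }
            exit (bad ? 1 : 0)
        }'
}

# Constructed listing of a key that meets every property (key IDs are made up).
sample_compliant() {
    cat <<'EOF'
pub:u:1024:17:AAAAAAAA11111111:1034380800:1050105600::u:::scESC:
rvk:::17::::::64649C626263D1ADE444455D4F2667E1FD7DE423:80:
uid:u::::1034380800::0000000000000000000000000000000000000000::John Smith <jsmith@cryptorights.org>:
sub:u:4096:16:BBBBBBBB22222222:1034380800:1050105600:::::e:
EOF
}

# Constructed listing with five violations: no expiry, short subkey,
# foreign address, comment in the UserID, and no designated revoker.
sample_noncompliant() {
    cat <<'EOF'
pub:u:1024:17:CCCCCCCC33333333:1034380800:::u:::scESC:
uid:u::::1034380800::0000000000000000000000000000000000000000::John Smith (work) <jsmith@example.org>:
sub:u:2048:16:DDDDDDDD44444444:1034380800::::::e:
EOF
}

# With an argument, check a real key from the keyring; otherwise show the
# report for the constructed non-compliant sample.
if [ "$#" -gt 0 ]; then
    gpg --with-colons --fixed-list-mode --list-keys "$1" | check_crf_key
else
    sample_noncompliant | check_crf_key || true
fi
```

      The check does not cover the cipher preference list, which the colon key listing does not include; confirm that separately in the --edit-key session from Step 2.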


      Scripted GPG Key Generation:

      This describes a GnuPG script for generating a CryptoRights PGP key. With GnuPG 1.0.6 (and possibly earlier revisions) you can create a key with a set of 'commands'. This makes it easy to specify parameters in a script so that the resulting key follows the current CRF policy on PGP key properties that GPG is able to support:

      • 4096 bit key (maximum size available, interoperable with other OpenPGP clients).
      • Symmetric cipher is 3DES.
      • The only UserID is "YOUR-USERID@cryptorights.org".
      • Maximum two (2) year expiration period from date of keygen (by prior agreement with CRF Postmaster).



      GPG KeyGen Script Software:
      • Linux (we used Red Hat 7.1, but other *nix flavors may also work).
        N.B.: As of this edition of the keygen guidelines, this script is NOT known to work under MacOS X with MacGPG: it may by the time you read this.
      • GnuPG OpenPGP freeware for your *nix flavor.

      GPG KeyGen Script Notes:

      This shell script creates a config file, and then runs GnuPG to generate the key according to the key parameters favored by CryptoRights. GPG is then invoked to export the keypair (public and private keys). GPG saves the keypair in an OpenPGP-compliant ASCII-armored PGP Key Block format for later loading into another *nix machine, for import into PGP (NAI), or elsewhere.

      Note also that GPG has certain limitations, relative to the PGP GUI version features, of which you should be aware:

      • Trust Model:
        GPG cannot set Trusted Introducers, so to benefit from the CRF PKI, you will be required to take manual actions.
      • No Designated Revoker:
        GPG does not support Designated Revokers, and this feature is highly desirable in the CryptoRights PKI (if you can think of a better way, please tell us). Therefore, we ask that GPG users either temporarily move their keying material (secret and public) over to a GUI version of PGP in order to add the DesRev, set a 6-month expiration period for the keypair or provide a KRC (Key Revocation Certificate).
      • Passphrase:
        Set the passphrase in the script only temporarily (it's vulnerable, so change it immediately!).
      • GPG 'Comment':
        Do not export the 'comment' (unless this public key will never be imported by PGP users which is HIGHLY UNLIKELY).


      Please be sure to also note the following:

      (A) Replace the string "YOUR-USERID" in the script with your CryptoRights alias as arranged with the CRF Postmaster.
      (B) Replace the string "YOUR-FULL-NAME" in the script with your full name, e.g. John Smith.
      (C) The crucial security of the Secret Key in the exported Secret Key Block is only equal to the strength of the passphrase you choose, so you are encouraged to select an extremely strong passphrase (which may be changed later).

      (D) This script sets a Key Expiration period: please be sure to ask the CRF Postmaster what value to set this to before you begin keygen. If you are not sure how you should set this value, leave the "3m" default value unchanged or add a Designated Revoker using a PGP (GUI) client or send a KRC (Key Revocation Certificate) to the Keymaster address, encrypted to the CRF Keymaster key. Under no circumstances should this value exceed "2y" (two years).


      The GPG KeyGen Shell Script:

      
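      #!/bin/sh
      # Prompts for the UserID fields, then feeds GnuPG a batch parameter
      # block that follows the CRF key properties listed above.

      # printf is used for the prompts because "echo -n" is not portable in /bin/sh.
      printf 'Please enter your name: '
      read -r realname

      printf 'Please enter your email address: '
      read -r email

      # The here-document delimiter is unquoted on purpose so that $realname
      # and $email are substituted into the parameter block.
      gpg --batch --gen-key <<ENDIT
      %echo Generating a standard CryptoRights key
      Key-Type: DSA
      Key-Length: 1024
      Subkey-Type: ELG
      Subkey-Length: 4096
      %echo Your name is $realname
      Name-Real: $realname
      %echo Your email address is $email
      Name-Email: $email
      Expire-Date: 6m
      Passphrase: MODIFY-THIS-ASAP
      Preferences: S2 S7 S3 H2 H3 Z2 Z1
      %commit
      ENDIT

      # The passphrase above is a placeholder readable by anyone who can read this script.
      echo "Remember to change your password!"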
      


      After PGP Key Generation

      Once you have generated your CRF key and provided for its expiration and revocation capability, there are some very important final steps you still need to take — and a few things you should definitely not do. The most critical step — setting your trust in the CRF Root Key — will begin the process of integrating you into CRF's trusted community and save you a great deal of time and trouble, and so it should be the very next thing you do. You obtained the CRF Root Key just after you installed the PGP software, but before you generated your own keypair, and now it's time to use your new key to sign the CRF Root.

      Signing the CRF Root Key

      Root Keys represent the "heart" of any security infrastructure, so trusting them to serve as "introducer keys" (certifying other peoples' keys to you) multiplies the number of secure conversations and valid digital signatures you can benefit from, without actually performing the many hours of key registration and key management necessary to validate them all yourself. Increasing the depth of introduction possible also amplifies the possible number of secure, authenticated communications in which you may engage with others, in this case with the growing community of CRF volunteers and clients in the human rights and journalism fields.

      CRF's Root Keys are generated at public events and under controlled conditions on reasonably secure hardware, because our cryptographic philosophy is both one of practical security (i.e. "pretty good") for use in real world situations and one of bringing people together and building human bridges using cryptography.

      To sign the CRF Root Key, open the PGPkeys application and select it in the list of public keys.

      Next, use the Keys menu's Sign command to bring up the Sign Keys dialog: in the dialog's lower left corner, click the "More Options" or "Advanced Options" button:

         [Advanced Signature Options button]

      to display the expanded signature dialog shown below (see Figure 5).

      Signing the CRF Root Key and expanding your Web of Trust
      Figure 5: Signing the CRF Root as a Meta-Introducer with increased Trust Depth.

      Select the "Meta-Introducer" signature type.

      In the "Options" area of the Sign Keys dialog, also click the "up" arrow to increase the Trust Depth value to "3" (three). In practical terms, this means that a key signed by a key signed by a key signed by the CRF Root will be valid (and therefore useful) on your keyring without you being required to check the Key Properties yourself. This increases the efficiency and scope of CRF's practical PKI despite the great distances across which our volunteers communicate. However, you should still take every opportunity to check Key Properties yourself when feasible: indeed, CRF encourages all personnel to pro-actively check on any keys and people they come in contact with during the course of CRF-related activities (see the section below on Direct Validation).

      Next, click the "OK" button, and PGP will ask for your passphrase. If you have multiple keypairs, be sure to select your new CRF key in the popup menu so that you sign the CRF Root with the correct key.

      Notice that, once you sign the CRF Root, the Keymaster and Postmaster keys are both displayed as Valid and Trusted in their key properties dialogs and can now be used for many different purposes, including those in the next section. Other CRF staff and volunteer keys you obtain will also be usable as soon as you receive them: if you encounter a key with a "cryptorights.org" email address that has not been certified by the Keymaster, do not raise an objection, but do notify the Keymaster immediately so CRF may determine if someone is impersonating a member of the CRF community.

      Things to Avoid Doing

      Please do not sign your key with any other keypairs you may already own (unless specifically asked to do so by the CRF Keymaster). Until your new CRF key has been validated by the CRF Keymaster, it should neither be certified, nor be used, by anyone else.

      Do not upload/send/etc your CRF key, or its revocation (KRC), to any public keyservers. For reasons related to our internal communications security requirements and beyond the scope of this document, CRF does not rely on the current generation of public keyservers for key distribution. If a CRF Staff member or Volunteer will be communicating with external personnel, their keys will either appear on their webpages on the CryptoRights.org website, or they may be acquired upon request directly from the Keymaster or the key owner. Authorized users will be given access to CRF's internal keyservers as needed.

      Unless you report a compromised key that may jeopardize CRF clients, personnel, members or a CRF mission and which thus requires emergency procedures, all normal key expirations and revocations will be circulated through internal CRF channels, and will only be made public when necessary.


      Submitting Your Key to CryptoRights

      Once you've generated your PGP key following these guidelines, the next step is to send it to the CRF Keymaster in such a way that s/he can make sure it's your key and you can make sure you're sending it to CryptoRights. The best way for you to do this is for you to personally hand it to a member of the CRF Staff whom you have confirmed is one of our representatives. Unfortunately, this is not always possible because CRF only has offices in a few locations and people submitting new keys are from all around the world.

      So, CRF has developed a combination of physical and electronic methods for basic "proofing", which is the process of binding a cryptographic key to an actual person. Once we've bound the key to you, we can with some assurance use it to send you information and to check your digital signatures, e.g. on your vote on a CRF Members Ballot.

      Below, we'll explain the procedure for preparing a file that contains your key and some information needed to verify it (and you and us!). Then we'll explain some ways to send that file to CRF.


      Preparing an Encrypted Key Submission File (EKSF)

      Create a key-submission file (KSF) in the body of an email or as a separate text file. We have included a checklist for you to use below so that you don't forget to include anything important.

      Indicate a telephone number where the Keymaster should call you in order to verify your key fingerprint. The telephone number should include the Country Code (US = +1, Netherlands = +31, etc) and the Area Code (for your city). Also include two (2) convenient one-hour time ranges to do so (in Pacific Time, GMT-8) on two different weekdays (preferably NOT in the same week!).

      Indicate your preferred method for responding to the fingerprint challenge: "hexadecimal" (for GPG or PGP users: this is the more common choice) or "word-list" (PGP users only). If you select the "hexadecimal" option, please familiarize yourself with the verbal equivalents for hexadecimal characters document so that you will be able to quickly and accurately read your fingerprint over the telephone. If you make a mistake while reading your fingerprint, the CRF Keymaster will NOT alert you to your error, and your key will not be validated, so accuracy is very important.

      Include a Keymaster Authentication Challenge Phrase (KACP) of suitable complexity, e.g.

            "We chopped your firewood last month and it got wet today."

      that the caller must use to identify him/herself to you as a "CryptoRights Keymaster". Do Not type your keypair's passphrase!

      Encrypt your KSF (email or text file) to the Keymaster key, which you obtained at: cryptorights.org/keys/role/keymaster.html. You have now created an Encrypted Key Submission File (EKSF).


      Submitting Your EKSF by Email

      If you prefer to send your Encrypted Key Submission File (EKSF) to CRF by email, please export your key from PGP or GPG as an ASCII-Armored Key Block. PGP users should select "Compatible" mode by default but should select "Complete" mode if a PhotoID has been added to their key.

      Send the Encrypted Key Submission File (EKSF) by email to:
      keymaster@cryptorights.org.


      Submitting Your EKSF by FTP

      If you prefer to send your Encrypted Key Submission File (EKSF) to CRF by FTP (File Transfer Protocol), please send the file to: <ftp://key:submit@cryptorights.org/>.

      After you have FTPed your EKSF (or if you have difficulties doing so), please notify the CRF Keymaster.


      EKSF Checklist

      Please perform a 'preflight' check on your EKSF (Encrypted Key Submission File) against the checklist below to make sure the key properties and all other items included in it are fully compliant with the CryptoRights security policies concerning cryptographic keys as outlined in this document.

      EKSF Checklist:
      • UserID is {your_CRF_userid}@cryptorights.org
        (this must be the only UserID on the key, and must be arranged BEFORE key generation with the CRF Postmaster to ensure its uniqueness).
      • Key Size is greater than 3100 bits (4096 bits is preferred).
      • Symmetric Cipher is set to 3DES.
      • Key Expires in One Year (at most two (2) years by prearrangement with CRF Keymaster), or
        six (6) months for new users' keys, or
        three (3) months for GPG keys where no KRC is supplied.
      • PGP users: the CRF Keymaster key [0xFD7DE423] has been added as Designated Revoker, or
        GPG and PGP 2.x users: self-generated KRC is included in EKSF.
      • EKSF includes Your Phone Number.
      • EKSF includes two (2) times when the Keymaster can telephone you to verify the key properties (1 hour time-slots).
      • EKSF specifies your preferred fingerprint challenge format ['hexadecimal' or 'word-list'].
      • EKSF includes a KACP (Keymaster Authentication Challenge Phrase) for the Keymaster to know when you request it on the telephone.
      • EKSF is Signed by the key you are submitting, and Encrypted to the CRF Keymaster key [0xFD7DE423].
      • Print out your fingerprint and the KACP (or load them into your PDA) and carry them with you at the appointed time(s).
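
The key size, single-UserID and expiry items of the checklist can be checked mechanically from GnuPG's machine-readable key listing. The script below is an added example, not part of the CRF guidelines or its contributors' scripts; it assumes the GnuPG 2.x `--with-colons` record layout with epoch-second timestamps, and the function name `eksf_preflight` and both sample listings are constructed for illustration. It does not check the cipher preference or the Designated Revoker.

```shell
#!/bin/sh
# Added example: preflight a key against three EKSF checklist items.
# Real use (GnuPG 2.x): gpg --with-colons --list-keys KEYID | eksf_preflight [MAX_DAYS]
# MAX_DAYS defaults to 366 (one year); pass 183 or 92 for the shorter limits.
# Expects the listing of a single key on stdin.

eksf_preflight() {
    awk -F: -v maxdays="${1:-366}" '
        # Primary key record: field 3 = bits, 6 = created, 7 = expires (epoch seconds)
        $1 == "pub" { bits = $3; created = $6; expires = $7 }
        # One uid record per UserID; field 10 holds the UserID string
        $1 == "uid" { nuid++; uid = $10 }
        END {
            if ((bits + 0) <= 3100) {
                print "FAIL key size: " (bits + 0) " bits (must be greater than 3100)"
                bad = 1
            }
            if (nuid != 1) {
                print "FAIL UserIDs: found " (nuid + 0) " (exactly one allowed)"
                bad = 1
            } else if (uid !~ /@cryptorights\.org>?$/) {
                print "FAIL UserID: " uid " is not @cryptorights.org"
                bad = 1
            }
            if (expires == "") {
                print "FAIL expiry: key never expires"
                bad = 1
            } else if ((expires - created) > (maxdays * 86400)) {
                print "FAIL expiry: lifetime exceeds " maxdays " days"
                bad = 1
            }
            if (!bad) print "OK"
            exit (bad + 0)
        }'
}

# Constructed sample listings (not real keys): one compliant, one not.
GOOD_KEY='pub:u:4096:1:0123456789ABCDEF:1034380800:1049932800::u:::scESC:
uid:u::::1034380800::0000000000000000000000000000000000000000::Example Volunteer <volunteer@cryptorights.org>:'
BAD_KEY='pub:u:2048:1:FEDCBA9876543210:1034380800:::u:::scESC:
uid:u::::1034380800::0000000000000000000000000000000000000000::Example <volunteer@cryptorights.org>:
uid:u::::1034380800::1111111111111111111111111111111111111111::Example <someone@example.org>:'

printf '%s\n' "$GOOD_KEY" | eksf_preflight          # prints OK
printf '%s\n' "$BAD_KEY"  | eksf_preflight || true  # prints three FAIL lines
```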



      How & Why CRF Validates Your Key

      CRF has two methods for Key Validation, or verifying that the key you claim to control does in fact belong to you:


      Direct Key Validation (in Person)

      Confirmation of key properties is obtained directly from the key owner by a CRF Staff member.

      Direct Key Validation, which is performed in person, is preferred because of the additional assurances it provides us with. DKV involves a member of CRF's Staff obtaining the key directly from you (e.g. at a public or private event) and also checking various forms of photographic identification. Keys CRF obtains in this way are generally certified for longer expiration periods, such as two (2) years. These keys may also receive additional certifications from other CRF role keys as appropriate, and thereby become 'introducer' keys able to include other keys in CRF's PKI. DKV is also a requirement for any CRF volunteer who wants to become eligible to participate in the CRF User Services Group's field missions.

      Remote Key Validation (Telephone)

      [ THIS SECTION IS STILL UNDER REVIEW/CONSTRUCTION ]

      Remote Key Validation (e.g. via email) is considered a 'medium-security' method for establishing moderate key validity, and is used only with CRF members who wish to vote electronically in internal ballots or for volunteers who participate in online projects.

      Your main responsibility is to be prepared to return the Keymaster's fingerprint challenge by reading your key fingerprint out loud over the telephone, either using the international verbal character equivalents or the word-list (uncheck the "Hexadecimal" checkbox in the GUI PGP client to view the word-list version of the fingerprint). We recommend that you practice this a few times on your own.

      Please be sure to have your fingerprint with you and within easy reach at the appointed times (if you don't have a PDA to store it in, write/print it on a piece of paper and take that with you).

      The Keymaster will telephone you at the time you specified. If you do not receive a call at either of the two appointed times, you will receive an email, signed by the Keymaster key, requesting a new appointment.

      When you are called by (someone claiming to be) the CRF Keymaster at the appointed hour, challenge the caller to repeat the KACP you provided. Do not coach the caller: make him/her repeat it entirely and exactly. If the caller is unable to meet the KACP challenge correctly the first time, you may terminate the call. Wait for the next appointed time to be called. If the second challenge also fails or seems suspicious in any way, you have two options:
      (A) terminate the call without comment, or
      (B) accept the incorrect KACP and reply with an incorrect fingerprint for your key (this may yield useful information for tracking an impostor).

      In either case, immediately notify the CRF Keymaster of the second failed attempt, either by telephone to the CRF HQ (as listed on our website at <cryptorights.org/about/contact.html> in PGP-signed HTML) or by email to the CRF Keymaster address (please encrypt such alerts!).

      Once the validation is completed, you will receive your key by return encrypted email to your cryptorights.org email account. Please be sure to confirm that your cryptorights.org email account's mailbox is fully functional and accessible to your preferred mail client before you begin the key generation process.

      If you have any difficulties, please notify the CRF Postmaster. Your key will now include the CRF Keymaster signature certification, and will be available to other CRF staff and volunteers. If required by your participation in CRF projects, your key may also appear on your CRF webpage and/or be uploaded to the internal CRF Keyserver.

      Remember: your CRF key should NOT be posted to any public keyservers. It is a special-purpose key intended for specific internal CRF purposes. Our plans are to extend our PKI by developing guidelines for external keys, such as your personal keys, which CRF staff and volunteers can use for general purposes while retaining a connection to CRF's communications net.







      Author/Editor:
       + Dave Del Torto <ddt@cryptorights.org>

      Contributors:
       + Dave Shaw <dshaw@jabberwocky.com> (GPG scripting)
       + Doug Calvert <dfc@cryptorights.org> (GPG scripting, key submission files)
       + Dr. David Chaum <dc@cryptorights.org> (cipher preferences)
       + Dr. Whit Diffie <whit@cryptorights.org> (cipher preferences)
       + Che Hsu <che@cryptorights.org> (new user installs)
       + Mark Holtz <mholtz@cryptorights.org> (GPG scripting)
       + John Kane <jkane89@softhome.net> (GPG scripting)
       + Werner Koch <wk@gnupg.org> (GPG snapshots & scripting)
       + Jorgen Ottosson <otto@cryptorights.org> (security policy/practices, algorithms)
       + Richard Outerbridge <outer@cryptorights.org> (cipher preferences)
       + Rodney Thayer <rodney@tillerman.to> (GPG scripting)
       + Dr. Ruediger Weis <ruedi@cryptorights.org> (cipher preferences)


       

