X-Spam-Level:
X-Spam-ASN: AS15169 74.125.0.0/16
X-Spam-Status: No, score=-0.8 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
DKIM_VALID_AU, RCVD_IN_DNSWL_LOW,
SPF_PASS shortcircuit=no autolearn=disabled version=3.3.1
X-Spam-Report: * -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at
http://www.dnswl.org/, low * trust
* [74.125.82.176 listed in list.dnswl.org]
* -0.0 SPF_PASS SPF: sender matches SPF record
* -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's * domain
* -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
* 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
* valid
X-SA-Exim-Version: 4.2.1 (built Mon, 22 Mar 2010 06:51:10 +0000)
X-SA-Exim-Scanned: Yes (on mail.bitfolk.com)
Cc: Andy Smith <andy@???>
Subject: Re: [bitfolk] Proving that you are you
X-BeenThere: users@???
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: Users of BitFolk hosting <users.lists.bitfolk.com>
List-Unsubscribe: <https://lists.bitfolk.com/mailman/options/users>,
<mailto:users-request@lists.bitfolk.com?subject=unsubscribe>
List-Archive: <http://lists.bitfolk.com/lurker/list/users.html>
List-Post: <mailto:users@lists.bitfolk.com>
List-Help: <mailto:users-request@lists.bitfolk.com?subject=help>
List-Subscribe: <https://lists.bitfolk.com/mailman/listinfo/users>,
<mailto:users-request@lists.bitfolk.com?subject=subscribe>
X-List-Received-Date: Sun, 08 Jul 2012 15:45:50 -0000
--nextPart5013124.LgbL6CrAug
Content-Type: Text/Plain;
charset="iso-8859-15"
Content-Transfer-Encoding: quoted-printable
On Saturday 07 Jul 2012 14:05:37 Andy Smith wrote:
> Suggestions revolving around the customer identifying themselves
> using public key crypto (PGP keys, SSH keys) are fine but do bear in
> mind that most customers have not presented either a PGP nor SSH key
> to me, and that would have to be done before it was actually needed.
>=20
> I could require that an SSH and/or PGP key be uploaded to the panel
> before the panel allows you to disable email password resets, though
> there would still need to be a plan in place for the inevitable case
> where the customer claims to no longer have access to any of the
> keys they have uploaded.
I think this is the best suggestion. Require a GPG key off everyone.
If, the VPS owner has chosen to disable password reset (which for a securit=
y=20
sensitive site, they almost certainly should -- emails aren't secure), then=
=20
it is their duty to supply a public-key method of verifying their identity.=
=20
If they haven't done that then I don't think it's unreasonable for you to=20
require any level of:
- Birth certificate
- Utility bill
- Passport
- Freshly made photo of them holding today's paper with a secret phrase of
your choice written on it.
- An unlocking payment from the same source as the original VPS purchase
In short: paranoia. Disabling password reset implies a level of security=20
that should be maintained. It's saying "I take full responsibility for the=
=20
password to this VPS, and if I lose it, I accept that I may never get acces=
s=20
again".
The alternative is that social engineering will get an attacker access; and=
=20
that's often considerably easier brute forcing problem than a password.
Andy
=2D-=20
Dr Andy Parkins
andyparkins@???
--nextPart5013124.LgbL6CrAug
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEABECAAYFAk/5qx8ACgkQwQJ9gE9xL21ALACgw/KGsxSJAi/uZhlgeZNVdHHJ
VY0AnjNqhjIyOnSmLd6RbSpFHbia4Yeh
=C7me
-----END PGP SIGNATURE-----
--nextPart5013124.LgbL6CrAug--
From pjb@??? Mon Jul 09 13:07:23 2012
Received: from [2001:ba8:1f1:f2a1::2] (helo=zircon.org.uk)
by mail.bitfolk.com with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32)
(Exim 4.72) (envelope-from <pjb@lothlan
