# SOME DESCRIPTIVE TITLE
# Copyright (C) YEAR Free Software Foundation, Inc.
# This file is distributed under the same license as the PACKAGE package.
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
#
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: tails-l10n@boum.org\n"
"POT-Creation-Date: 2025-06-10 12:51+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
"Language: zh_TW\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"

#. type: Plain text
#, no-wrap
msgid "[[!meta title=\"Revocation of the Tails signing key\"]]\n"
msgstr ""

#. type: Plain text
msgid ""
"This document proposes a mechanism for the distribution and activation of "
"the revocation certificate of the Tails signing key."
msgstr ""

#. type: Title =
#, no-wrap
msgid "Status"
msgstr ""

#. type: Plain text
msgid "This document is obsolete."
msgstr ""

#. type: Plain text
msgid ""
"It will be simplified or removed by [[!tails_gitlab tails/summit/-/"
"issues/36]]."
msgstr ""

#. type: Title =
#, no-wrap
msgid "Goals"
msgstr ""

#. type: Plain text
msgid "Covered by the current proposal:"
msgstr ""

#. type: Bullet: '- '
msgid "Prevent any single individual from revoking our signing key."
msgstr ""

#. type: Bullet: '- '
msgid ""
"Allow a coalition of people from the Board to revoke our signing key in case "
"most of the people from the Board become unavailable."
msgstr ""

#. type: Bullet: '- '
msgid ""
"Allow a coalition of people, not necessarily from the Board, to revoke our "
"signing key in case everybody or almost everybody from the Board becomes "
"unavailable."
msgstr ""

#. type: Bullet: '- '
msgid ""
"Make it hard for a coalition of people not from the Board to revoke our "
"signing key unless everybody or almost everybody from the Board becomes "
"unavailable."
msgstr ""

#. type: Bullet: '- '
msgid ""
"People not from the Board shouldn't know how the shares are spread and who "
"has them."
msgstr ""

#. type: Bullet: '- '
msgid ""
"People in possession of a share of the revocation certificate of the signing "
"key should have instructions on how to use it if needed."
msgstr ""

#. type: Title =
#, no-wrap
msgid "Groups"
msgstr ""

#. type: Plain text
msgid "We define four complementary groups of trusted people:"
msgstr ""

#. type: Bullet: '  - '
msgid "Group A: people from the Board themselves"
msgstr ""

#. type: Bullet: '  - '
msgid "Group B"
msgstr ""

#. type: Bullet: '  - '
msgid "Group C"
msgstr ""

#. type: Bullet: '  - '
msgid "Group D"
msgstr ""

#. type: Plain text
msgid ""
"All these people should have an OpenPGP key and understand what a revocation "
"certificate is."
msgstr ""

#. type: Title =
#, no-wrap
msgid "Cryptographic shares"
msgstr ""

#. type: Plain text
msgid ""
"We generate a revocation certificate of the signing key and split it into a "
"number of cryptographic shares, using for example Shamir's secret sharing "
"scheme implemented by `gfshare`."
msgstr ""

#. type: Plain text
msgid ""
"The following combinations of people could get together and reassemble their "
"shares to reconstruct a complete revocation certificate:"
msgstr ""

#. type: Bullet: '  - '
msgid "Three people from the Board: A{3}"
msgstr ""

#. type: Bullet: '  - '
msgid ""
"Two people from the Board and one person not from the Board: A{2}+(B|C|D)"
msgstr ""

#. type: Bullet: '  - '
msgid ""
"One person from the Board, and two people not from the Board but from two "
"different groups: A+(B|C|D){2}"
msgstr ""

#. type: Bullet: '  - '
msgid ""
"Three people not from the Board but from three different groups: (B+C+D){3}"
msgstr ""

#. type: Plain text
msgid "We generate these shares:"
msgstr ""

#. type: Bullet: '  - '
msgid "N shares, one for each person from the Board"
msgstr ""

#. type: Bullet: '  - '
msgid "1 share for people in group B"
msgstr ""

#. type: Bullet: '  - '
msgid "1 share for people in group C"
msgstr ""

#. type: Bullet: '  - '
msgid "1 share for people in group D"
msgstr ""

#. type: Title =
#, no-wrap
msgid "Who knows what"
msgstr ""

#. type: Bullet: '  - '
msgid "People from the Board know the composition of each group"
msgstr ""

#. type: Bullet: '  - '
msgid "People not from the Board:"
msgstr ""

#. type: Bullet: '    - '
msgid "Are explained in which circumstances they should revoke the signing key"
msgstr ""

#. type: Bullet: '    - '
msgid ""
"Are told to write to a certain contact email address if they decide to "
"revoke the signing key"
msgstr ""

#. type: Bullet: '    - '
msgid ""
"Are told that they need three different shares to reassemble the revocation "
"certificate"
msgstr ""

#. type: Title =
#, no-wrap
msgid "Infrastructure"
msgstr ""

#. type: Bullet: '  - '
msgid "Everybody who owns a share is subscribed to a mailing list."
msgstr ""

#. type: Bullet: '  - '
msgid ""
"This mailing list is hosted on a trusted server different from boum.org to "
"be more resilient than our usual communication channels."
msgstr ""

#. type: Bullet: '  - '
msgid ""
"Someone hosting the mailing list is part of group B, C, or D so they can "
"ensure that the list keeps working even if it never used."
msgstr ""

#. type: Title =
#, no-wrap
msgid "Changing the members of the groups B, C, or D"
msgstr ""

#. type: Plain text
msgid "To add someone to a given group:"
msgstr ""

#. type: Bullet: '  - '
msgid ""
"Request someone from that group to send her share to the new person in the "
"group."
msgstr ""

#. type: Plain text
msgid "To remove someone from a given group:"
msgstr ""

#. type: Bullet: '  - '
msgid "Send new shares to everybody except to the person who is being removed."
msgstr ""

#. type: Bullet: '  - '
msgid ""
"Request everybody to delete their previous share and track this.  Once "
"everybody in 2 groups amongst B, C, or D have deleted their share, it "
"becomes impossible for them to reassemble the revocation certificate with "
"the previous set of shares."
msgstr ""

#. type: Bullet: '  - '
msgid "Let's hope that this doesn't happen very often :)"
msgstr ""

#. type: Title =
#, no-wrap
msgid "Expiry"
msgstr ""

#. type: Plain text
msgid ""
"There is no expiry date on revocation certificates. One way of cancelling "
"the revocation power is to destroy all copies of shares of 2 groups amongst "
"B, C, or D."
msgstr ""

#. type: Plain text
#, no-wrap
msgid "<a id=\"invitation\"></a>\n"
msgstr ""

#. type: Title =
#, no-wrap
msgid "Invitation email"
msgstr ""

#. type: Plain text
msgid ""
"Someone who has a personal trust relationship with the person being invited "
"sends this email."
msgstr ""

#. type: Plain text
#, no-wrap
msgid ""
"<pre>\n"
"Subject: distribution\n"
msgstr ""

#. type: Plain text
msgid "Hi,"
msgstr ""

#. type: Plain text
msgid ""
"We want to propose you to be part of a distributed mechanism for the "
"revocation certificate of the Tails signing key."
msgstr ""

#. type: Plain text
msgid ""
"The idea is to distribute cryptographic shares of this revocation "
"certificate to people that we trust. These cryptographic shares can be put "
"together to reassemble the revocation certificate and revoke the Tails "
"signing key. This may be needed in case something really bad happens to us "
"and we are not able to do the revocation ourselves."
msgstr ""

#. type: Plain text
msgid "Note: In all this document, 'us' refers to the Board."
msgstr ""

#. type: Plain text
msgid "You can read a complete description of the distribution mechanism on:"
msgstr ""

#. type: Plain text
msgid "https://tails.net/doc/about/openpgp_keys/signing_key_revocation."
msgstr ""

#. type: Plain text
msgid ""
"The recipe is public and the only secret component is the list of people who "
"are in possession of the cryptographic material."
msgstr ""

#. type: Plain text
msgid ""
"We are proposing this to you because we trust in both your technical "
"abilities to store your share in a safe place and manipulate it as required. "
"But also because we trust you as a human being to make informed judgment on "
"when to use your share and act only in the interest of Tails."
msgstr ""

#. type: Plain text
msgid "The bad things that could happen if the mechanism fails are:"
msgstr ""

#. type: Plain text
msgid ""
"A. The signing key is not revoked when it should be. This could allow "
"possible attackers to distribute malicious Tails images or publish malicious "
"information on our name."
msgstr ""

#. type: Plain text
msgid ""
"B. The signing key is revoked when it should not have been. This would "
"prevent people from verifying our images with OpenPGP until we publish a new "
"signing key and build trust in it."
msgstr ""

#. type: Title =
#, no-wrap
msgid "Distribution of the shares"
msgstr ""

#. type: Plain text
msgid ""
"Each person from the Board, group A, has a *different* share, A1, A2, ..., "
"An."
msgstr ""

#. type: Plain text
msgid ""
"On top of this, we defined three complementary groups, B, C, and D of "
"trusted people who have a close relationship with Tails but different "
"interests and different access to information about us. You are part of one "
"of these groups."
msgstr ""

#. type: Plain text
msgid "Everybody in group B has an *identical* share B."
msgstr ""

#. type: Plain text
msgid "Everybody in group C has an *identical* share C."
msgstr ""

#. type: Plain text
msgid "Everybody in group D has an *identical* share D."
msgstr ""

#. type: Plain text
msgid ""
"Three different shares are needed to reassemble the revocation certificate. "
"For example, shares A1, A2, and A3, or shares A1, B, and C."
msgstr ""

#. type: Title =
#, no-wrap
msgid "How to store your share"
msgstr ""

#. type: Plain text
msgid ""
"Please keep your share in an encrypted storage and make it as hard as you "
"can for untrusted people to get a copy of it."
msgstr ""

#. type: Plain text
msgid ""
"You can rename the file as long as you keep the number in the file name of "
"your share as it is needed to use the share."
msgstr ""

#. type: Plain text
msgid ""
"Feel free to back up the file but we might also request you to delete it at "
"some point and you should be able to know whether you still have a copy of "
"it or not. It is all-right to lose your share as long as you tell us that "
"you have lost it. It is actually worse to still have a copy of the share "
"\"somewhere\" while thinking that you don't, than to lose it by mistake."
msgstr ""

#. type: Plain text
msgid ""
"Don't hesitate to ask us if you need clarification on the technical aspects "
"of this."
msgstr ""

#. type: Title =
#, no-wrap
msgid "When to use your share"
msgstr ""

#. type: Plain text
msgid "Everybody in possession of a share is subscribed to a mailing list."
msgstr ""

#. type: Plain text
msgid ""
"If someone in possession of a share gets to learn about a very bad event "
"that happened to many of us and really thinks that we are not capable of "
"revoking the Tails signing key ourselves anymore, then this person should "
"write to the mailing list explaining why she thinks that the signing key "
"needs to be revoked."
msgstr ""

#. type: Plain text
msgid ""
"Yes, there is no mathematically proven algorithm for this and here is where "
"your judgment as a human being is needed. The description of the very bad "
"event should be checked or backed by enough people to be plausible."
msgstr ""

#. type: Plain text
msgid ""
"People on the list who are also convinced that the signing key should be "
"revoked share their shares until they have 3 different shares. Then they can "
"assemble the revocation certificate and publish it to revoke the signing key."
msgstr ""

#. type: Plain text
msgid ""
"Keep in mind that we could still revoke the signing key ourselves as long as "
"three of us are able to communicate and gather their shares. So we only need "
"your help if no more than two of us are still able to communicate."
msgstr ""

#. type: Plain text
msgid ""
"Unless you really want to start the key revocation process, do not write to "
"this mailing list."
msgstr ""

#. type: Title =
#, no-wrap
msgid "Further communications"
msgstr ""

#. type: Plain text
msgid ""
"In case we need to communicate with you about this revocation mechanism in "
"the future, we will always do it through the tails@boum.org mailing list. We "
"might do so for example to:"
msgstr ""

#. type: Bullet: '  - '
msgid "Ask you to send your share to a new member of your group."
msgstr ""

#. type: Bullet: '  - '
msgid ""
"Ask you to delete your share. This could be needed to cancel the power of "
"others people's share: as long as enough of you delete their shares, the few "
"people that might not delete them would end up with unusable shares."
msgstr ""

#. type: Plain text
msgid ""
"The tails@boum.org mailing list has its own OpenPGP key, which is signed by "
"the Tails signing key itself:"
msgstr ""

#. type: Plain text
#, no-wrap
msgid "    https://tails.net/tails-email.key\n"
msgstr ""

#. type: Plain text
msgid "So, can we count on you for this?"
msgstr ""

#. type: Plain text
msgid ""
"If you answer positively, we will send you your share and subscribe you to "
"the mailing list."
msgstr ""

#. type: Plain text
#, no-wrap
msgid ""
"Thanks, and may the force be with you!\n"
"</pre>\n"
msgstr ""

#. type: Title =
#, no-wrap
msgid "Keeping the members of the groups B, C, and D up-to-date"
msgstr ""

#. type: Plain text
msgid "At least every 2 years, we make sure that the mechanism still works:"
msgstr ""

#. type: Bullet: '1. '
msgid ""
"We review internally the list of members of each group and decide possible "
"additions to, and removals from, each group."
msgstr ""

#. type: Bullet: '1. '
msgid ""
"We write to every individual member of each group to ask them to check that "
"they still have their share and the number in the file name."
msgstr ""

#. type: Bullet: '1. '
msgid ""
"We log in to the administration interface of the mailing list, make sure "
"that it still exists, and is configured correctly."
msgstr ""

#. type: Plain text
#, no-wrap
msgid "<a id=\"update\"></a>\n"
msgstr ""

#. type: Title -
#, no-wrap
msgid "Update email"
msgstr ""

#. type: Plain text
msgid ""
"We send these emails through tails@boum.org to avoid the need for a personal "
"trust relationship between the person sending the mail and the recipient. We "
"don't send shares from groups B, C, or D with tails@boum.org by doing so."
msgstr ""

#. type: Plain text
#, no-wrap
msgid ""
"<pre>\n"
"Subject: update\n"
msgstr ""

#. type: Plain text
msgid ""
"Some years ago, you agreed to be part of a distributed mechanism for the "
"revocation certificate of the Tails signing key and we sent you a "
"cryptographic share of this revocation certificate."
msgstr ""

#. type: Plain text
msgid "Today, we are asking you to:"
msgstr ""

#. type: Bullet: '1. '
msgid ""
"Verify the authenticity of this email, either by verifying that it is signed "
"by the tails@boum.org mailing or by talking directly to someone from the "
"Board."
msgstr ""

#. type: Plain text
#, no-wrap
msgid ""
"   The tails@boum.org mailing list has its own OpenPGP key, which is\n"
"   signed by the Tails signing key itself:\n"
msgstr ""

#. type: Plain text
#, no-wrap
msgid "   https://tails.net/tails-email.key\n"
msgstr ""

#. type: Bullet: '2. '
msgid "Confirm whether you still have in your possession:"
msgstr ""

#. type: Bullet: '   - '
msgid "Your share of the revocation certificate."
msgstr ""

#. type: Bullet: '   - '
msgid "The number NNN in the file name of your share."
msgstr ""

#. type: Plain text
#, no-wrap
msgid ""
"     The file was named tails-signing-key-revocation-cert.asc.NNN, where\n"
"     NNN is a 3 digit number.\n"
msgstr ""

#. type: Plain text
msgid ""
"For the record, the address of the mailing list that you should write to in "
"case you want to assemble the revocation certificate is:"
msgstr ""

#. type: Plain text
#, no-wrap
msgid "    address@example.org\n"
msgstr ""

#. type: Plain text
msgid ""
"Do not write to this mailing list unless you really want to start the key "
"revocation process."
msgstr ""

#. type: Plain text
msgid "We are also copying below a summary of the mechanism."
msgstr ""

#. type: Plain text
#, no-wrap
msgid ""
"XXX: Copy the invitation email:\n"
"XXX: - Include \"You can read a complete description of the distribution mechanism on:\"\n"
"XXX: - Stop before \"So, can we count on you for this?\"\n"
"</pre>\n"
msgstr ""

#. type: Title -
#, no-wrap
msgid "Adding a new member"
msgstr ""

#. type: Bullet: '1. '
msgid ""
"Send the [[invitation email|signing_key_revocation#invitation]] to the new "
"member."
msgstr ""

#. type: Bullet: '1. '
msgid ""
"If they agree, ask someone else from the same group to send them their share "
"of the key."
msgstr ""

#. type: Plain text
#, no-wrap
msgid ""
"   Unfortunately, this reveals some membership information to these two\n"
"   people.\n"
msgstr ""

#. type: Bullet: '1. '
msgid "Ask the new member to confirm the reception of their share."
msgstr ""

#. type: Plain text
#, no-wrap
msgid "<a id=\"sharing\"></a>\n"
msgstr ""

#. type: Title ###
#, no-wrap
msgid "Sharing email"
msgstr ""

#. type: Plain text
#, no-wrap
msgid ""
"<pre>\n"
"Subject: sharing\n"
msgstr ""

#. type: Plain text
msgid "We asked someone else from your group to send you a copy of your share."
msgstr ""

#. type: Plain text
msgid "Please tell us once you receive it."
msgstr ""

#. type: Plain text
msgid ""
"The address of the mailing list that you should write to in case you want to "
"assemble the revocation certificate is:"
msgstr ""