Re: PGP and verifying ids / emails
Hi,
>>"Brian" == Brian May <bam@snoopy.apana.org.au> writes:
Brian> So we agree. You wouldn't sign the key without checking the
Brian> fingerprint first. The idea being, if the fingerprint matches,
Brian> then John Smith must have the matching private key (and not
Brian> somebody else).
Yes, though now that you point it out, this is an
assumption. I am assuming that
a) the person who has 2 picture ids of is actually john smith
b) the fingerprint actually belongs to his own key -- not to John
Smith from arkansas, who is a different person, but john smiths
is a common name ;-)
c) He still has access to his key, and can actually use it (people
tend to forget pass phrases)
I can't figure out a way that b) is actually useful -- but
possibly there is a way to exploit something that I can't think of.
Brian> Remember that there are two issues involved here:
Brian> 1. Who has the private key (and can decrypt/sign mail)?
Brian> 2. What is the name and E-Mail address of this person?
Brian> 1. That the public key matches up with his private key.
The case that this is not true is case 2 above.
Brian> There is no need to do this by inspecting the private
Brian> key.
I won't sign a key for anyone who takes security so lightly as
to allow me to instpect their private keys.
Brian> Most people would probably take John Smith's word for
Brian> (as described above). If you are paranoid though, you could
Brian> give John Smith a random message, securely, which he will
Brian> sign and send back to you. Infact, I believe this is how
Brian> ssh1 works with RSA authentication. This way, it is
Brian> impossible for somebody to lie and say they have the
Brian> private key, when they really don't, which is very
Brian> important for ssh, but maybe not such an issue for PGP.
Hmm. Interesting. But not quite good enough, since he may
lose the secret message, give it away to the ``other'' john
smith.
The only way to do this is to give him a secret number, but
not rely on that alone. One should take the fingerprint of the key,
and email address, send an *encrypted* message to the email address,
asking hium to multiply the number in the message with the number
provided in the meeting, and send an signed, encrypted message back.
Hmm. Maybe he should give you a number too, and your original
message contain that number to identify you.
Brian> 2. Of course, you also have to identify his name and E-Mail
Brian> address, to give other people an indication as to who has
Brian> the private key. You then sign it so nobody else can tamper
Brian> with it.
I think that the process above verifies the email address. The
name on the key ID *must* match the name in teh picture id's
Of course, this exchange of secrets and subsequent handshake
with encrypted mail messages are more work than most people are
willing to put in.
manoj
--
"Do not meddle in the affairs of wizards, for you are crunchy and
good with ketchup."
Manoj Srivastava <srivasta@debian.org> <http://www.debian.org/%7Esrivasta/>
Key C7261095 fingerprint = CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E
Reply to: