On Fri, Jun 13, 2003 at 02:31:13AM -0400, Travis Crump wrote: > Pigeon wrote: > > > >The main weakness of the system is in the key security; you can't > >fully trust a key unless you have actually met the keyholder to get it > >and checked that you didn't meet an impostor. This is only really > >significant for spy-novel type situations, though, and doesn't > >materially weaken it as a defence against spammer-type bulk abuse. > > > > Impostor? For a lot of people I recieve e-mail from I could care less > about their real world identity. The signature tells me that the person > sending an e-mail is the same person who has sent me other e-mails > signed with the same signature. Don't discount the usefulness of this. I'm not discounting its usefulness - I'm just saying there is a hole in it which is most unlikely to actually cause you a problem: It would be possible for $CYBERSPY to crack the keyserver and replace $CYBERPAL's key with his own, then intercept all mails from $CYBERPAL, replace the signature and send them on. Then at some time in the future $CYBERSPY could edit the content of $CYBERPAL's messages, or send bogus messages purporting to be from $CYBERPAL, in order to get you to do something to $CYBERSPY's advantage that you would not do if a stranger asked you to do it. (Like, you don't withdraw your troops unless you're sure the order came from the general.) The point is that this sort of attack is not something Joe Bloggs has to worry about. While it is easier than cracking the actual encryption, it is still a PITA to do it properly - you need to be Smiley's people rather than J.R. Cracker - so you need to be a person of unusual power and influence to make it worthwhile for someone to try and manipulate you in this way. -- Pigeon Be kind to pigeons Get my GPG key here: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x21C61F7F
Attachment:
pgp9jNzH27kfi.pgp
Description: PGP signature