BUG: Web of trust circumvention by secret key distribution

Florian Weimer Florian.Weimer at RUS.Uni-Stuttgart.DE
Mon Dec 11 13:50:08 CET 2000

"L. Sassaman" <rabbi at quickie.net> writes:

> That's not correct. PGP treats all keys as untrusted unless there is a
> valid trust path to the key. That trust path can originate from a secret
> key you possess on your key ring or from a third-party key you have
> decided to trust.
> There is nothing wrong with the system PGP uses. And, as Florian has
> demonstrated, it is a lot safer than the current GnuPG system.

Could you have a second look at the attack?  If PGP works the way you
told, I don't see why PGP isn't vulnerable, too (under the assumption
that the public key import routines more-or-less silently import
secret keys as well).  The attack adds another secret key which forces
GnuPG to consider the corresponding public key ultimately trusted.

Florian Weimer 	                  Florian.Weimer at RUS.Uni-Stuttgart.DE
University of Stuttgart           http://cert.uni-stuttgart.de/
RUS-CERT                          +49-711-685-5973/fax +49-711-685-5898

More information about the Gnupg-devel mailing list