BUG: Web of trust circumvention by secret key distribution
Florian Weimer
Florian.Weimer at RUS.Uni-Stuttgart.DE
Mon Dec 11 13:50:08 CET 2000
"L. Sassaman" <rabbi at quickie.net> writes:
> That's not correct. PGP treats all keys as untrusted unless there is a
> valid trust path to the key. That trust path can originate from a secret
> key you possess on your key ring or from a third-party key you have
> decided to trust.
>
> There is nothing wrong with the system PGP uses. And, as Florian has
> demonstrated, it is a lot safer than the current GnuPG system.
Could you have a second look at the attack? If PGP works the way you
say, I don't see why PGP isn't vulnerable, too (under the assumption
that the public key import routines more-or-less silently import
secret keys as well). The attack adds another secret key which forces
GnuPG to consider the corresponding public key ultimately trusted.
--
Florian Weimer Florian.Weimer at RUS.Uni-Stuttgart.DE
University of Stuttgart http://cert.uni-stuttgart.de/
RUS-CERT +49-711-685-5973/fax +49-711-685-5898
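A defender-side check suggested by the attack described in this thread, as an added example that is not part of the original post or of GnuPG: before importing a key file, walk its OpenPGP packets and flag any secret-key packets, so "public key" material that smuggles in a secret key is caught rather than silently imported. It assumes binary (unarmored) input and relies only on the packet framing of RFC 4880 section 4.2; the sample blobs are constructed.

```python
# Added example, not from the thread: scan a binary OpenPGP key blob for secret-key
# packets before importing it, so that "public key" material carrying a secret key
# (which GnuPG would treat as ultimately trusted) is caught. Framing per RFC 4880 s4.2.
SECRET_KEY_TAGS = {5: "Secret-Key", 7: "Secret-Subkey"}

def _new_format_length(data, pos):
    # Returns (body_length, header_octets, is_partial) for a new-format length field.
    b = data[pos]
    if b < 192:
        return b, 1, False
    if b < 224:
        return ((b - 192) << 8) + data[pos + 1] + 192, 2, False
    if b == 255:
        return int.from_bytes(data[pos + 1:pos + 5], "big"), 5, False
    return 1 << (b & 0x1F), 1, True          # partial body length; more chunks follow

def iter_packets(data):
    # Yields (tag, body) for each packet; raises on a malformed header.
    pos = 0
    while pos < len(data):
        ctb = data[pos]
        if not ctb & 0x80:
            raise ValueError(f"bad packet header at offset {pos}")
        pos += 1
        if ctb & 0x40:                       # new-format header (RFC 4880 4.2.2)
            tag, body = ctb & 0x3F, b""
            while True:
                length, hdr, partial = _new_format_length(data, pos)
                pos += hdr
                body += data[pos:pos + length]
                pos += length
                if not partial:
                    break
        else:                                # old-format header (RFC 4880 4.2.1)
            tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
            if ltype == 3:                   # indeterminate length: body is the rest
                length = len(data) - pos
            else:
                n = (1, 2, 4)[ltype]
                length = int.from_bytes(data[pos:pos + n], "big")
                pos += n
            body, pos = data[pos:pos + length], pos + length
        yield tag, body

def secret_key_packets(data):
    # Names of secret-key packets found; an empty list means nothing was smuggled in.
    return [SECRET_KEY_TAGS[t] for t, _ in iter_packets(data) if t in SECRET_KEY_TAGS]

# Constructed sample blobs: public key + user ID, then the same with a secret key
# appended (bodies are dummy bytes; only the packet headers matter for this check).
PUBLIC_ONLY = bytes([0x98, 3]) + b"PUB" + bytes([0xB4, 5]) + b"alice"
WITH_SECRET = PUBLIC_ONLY + bytes([0xC5, 4]) + b"SECR"
```

A non-empty result from `secret_key_packets` is the signal to refuse the import (or strip the offending packets) before the keyring, and thus the trust database, is touched.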