BUG: Web of trust circumvention by secret key distribution

L. Sassaman rabbi at quickie.net
Tue Dec 12 01:02:38 CET 2000


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 11 Dec 2000, Florian Weimer wrote:

> Could you have a second look at the attack?  If PGP works the way you
> told, I don't see why PGP isn't vulnerable, too (under the assumption
> that the public key import routines more-or-less silently import
> secret keys as well).  The attack adds another secret key which forces
> GnuPG to consider the corresponding public key ultimately trusted.

When you import a secret key into PGP, the key is *not* ultimately
trusted. It is not trusted at all. You must manually set the trust on the
key.

And the imports of secret keys are not quiet: they say something like "One
or more of the keys you have imported is a secret key. You will need to
set the trust level for that key."

__

L. Sassaman

Security Architect             |  "The world's gone crazy,
Technology Consultant          |   and it makes no sense..."
                               |
http://sion.quickie.net        |                   --Sting


-----BEGIN PGP SIGNATURE-----
Comment: OpenPGP Encrypted Email Preferred.

iD8DBQE6Nem6PYrxsgmsCmoRAqhsAKCu7Ljh0b+dktAjSFDssTCBGeEamQCeLw15
WTltHjtotAdEi10BVG7ducI=
=bgL6
-----END PGP SIGNATURE-----



More information about the Gnupg-devel mailing list