looking up pgp keys

Tim Prepscius timprepscius at gmail.com
Thu Sep 12 18:42:21 CEST 2013


I fear I am one of the "persuasive idiots.*\.$"

---

But I'm not sure why compliance would even come into play..

The only function that needs to happen is that "the place of standard
lookup," (what I'm proposing would be receiving mail server.

Would be verifiable.


It doesn't matter if it has the wrong key in it, if this issue can be
discovered.

So for instance if SuperMail has key for Bob.  Malicious hacker
replaces key with different key.

Bob can verify.
Other servers will detect change.


If *super-hacker* replaces key for Bob and then MITM Bob so he cannot
discover it, still for this to be effective, the key *must* be visible
to the outside world.

So other servers can detect the change, and Bob can detect the change
through other servers.


If *ultra-super-hacker-inviso-shirt* replaces key for Bob and then
completely MITM Bob so that he cannot get key from *any* server and
cannot ask *any* server to verify.

Then this is obviously a problem.  But I would say, (perhaps like an
idiot), that so far as I see:

-- if bob is truly a target his computer will be rooted anyway, he
will have a key logger, and his private key should be considered
revealed. --

It would probably be much easier to root his computer/phone take his
key, have a janitor walk into his work place, break into his
apartment, etc, than MITM *all* of his traffic searching for requests
for verification of his private key...


???

I fear I am missing an obvious issue here.  Feel free to enlighten ;-)

-tim



More information about the Gnupg-devel mailing list