Request for Discussion: new/PubKeyDistributionConcept/FallbackServer

Bernhard Reiter bernhard at
Tue Jun 28 17:25:34 CEST 2016

Am Mittwoch, 15. Juni 2016 11:04:45 schrieb Neal H. Walfield:
> To prevent a MitM, you need a secure channel.  You can decrease the
> change of a MitM be using multiple insecure channels.  These insecure
> channels can be either in space (different network routes) or time
> (last year, last month and yesterday).  This is what TOFU exploits.

Given that receiving and sending emails will all go over the MSP 
that a particular user is using, several email contacts over time will
not help TOFU much. 

> WKD uses a single insecure channel multiple times.  
> This does not add trust.

At least other parties (with different network routes) or the user
going to a different networks access (e.g. while travelling) would increase
the chances of detecting an MSP MitM attack. With just several email contacts 
over time the chance of detection is much lower because the MSP does not
have to make the pubkey it hands out public.

(: Bernhard

--   +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20160628/8ab4e077/attachment.sig>

More information about the Gnupg-devel mailing list