[Announce] new gnupg snapshot
Florian Weimer
fw@deneb.enyo.de
Sat Apr 7 00:45:04 2001
Andrew McDonald <andrew@mcdonald.org.uk> writes:
> On Fri, Apr 06, 2001 at 07:40:48PM +0200, Johan Wevers wrote:
> > Werner Koch wrote:
> >
> > > * Secret keys are no longer imported unless you use the new option
> > > --allow-secret-key-import.
> >
> > Why is that? What was the problem with importing secret keys?
>
> IIRC, if you have a secret key it is ultimately trusted by default.
> Persuading you to import a secret key could, therefore, subvert your
> web of trust.
Exactly, and every key server or network operator could attach such a
secret key to a response for a request, so this is a real problem.
This might a new threat in conjunction with the Klima/Rosa attack
(i.e. no write access to the key ring is required), but I didn't check
the GnuPG behavior if a modified version of a secret key already
present in the secret key ring is encountered.