Robot CA at toehold.com

Per Tunedal pt@radvis.nu
Fri Dec 6 12:55:10 2002 

At 16:03 2002-12-05 -0600, you wrote:
 >This mail was signed (Inlined PGP-Message).
 >
 >,-----GnuPG output follows (current time: Fri, Dec 06 2002 - 09:09:51)--
 >|
 >|     Signerades 12/05/02 23:03:00  med hj=F5lp av DSA-nyckeln med ID=
 2A94C484
 >|     Korrekt signatur fr=D5n "Kyle Hasselbacher <kyle@toehold.com>"
 >|
 >`----------------------------------------------------BEGIN PGP SIGNED
 >MESSAGE-----
 >Hash: SHA1
 >
 >On Thu, Dec 05, 2002 at 09:52:39PM +0100, Volker Gaibler wrote:
 >>On Thu, Dec 05, 2002 at 11:43:12AM -0600, Kyle Hasselbacher wrote:
 >>> bogus-but-signed key.  Challenge/response systems have the same=
 problem,
 >>> however.  In a sense, if the attacker can intercept the victim's=20
email, the
 >>> verification is working--the attacker DOES have access to that email
 >>> address, and that's all the robot is trying to find out.  From the=
 robot's
 >>> point of view, there's no difference between this and two (or more)=
 people
 >>> who legitimately and knowingly share an email address.
 >>
 >>But why use encryption at all in that case? Slightly simplified:
 >>If someone can read your unencrypted mail (sysadmin or somebody sniffing
 >>network traffic) - and that's what you want to prevent - also can create
 >>bogus-but-signed keys.
 >
 >That situation is made no worse by having non-working encryption.
 >Hopefully the user gets a key working BEFORE people start sniffing.  When=
 a
 >doppleganger shows up, hopefully people will notice.  There's some=
 optimism
 >there, I know.
 >
 >Do you not bother to lock your bicycle when you know there are people with
 >bolt cutters?  Envelopes can be steamed open, but I still use them.  What
 >I'm proposing is "better than nothing".  It is NOT absolute security. =
 It's
 >merely better than the (terrible) security that's there now.  Knowing=
 this,
 >you're welcome not to use it.  People who are none-the-wiser will get some
 >benefit, perhaps without knowing it.  If not, they're no worse off.
 >
 >I don't think I can prevent unsophisticated users from falling victim to
 >sophisticated attackers.  It's just a given.  The determined attacker will
 >get through this simple security.
 >
 >What I can do is stop the more casual attackers.  If it's harder to get=
 the
 >opportunity to violate someone's privacy, it won't happen as often.
 >- --
 >Kyle Hasselbacher

I believe this would be a great improvement.
Per Tunedal