signing keys

[Frank Tobin]

Davide Cavallari, at 17:12 +0100 on 2002-01-28, wrote:

> If I want to tamper a public key, I may write down a message, sign it
> with my tampered public key, upload that key to a keyserver, specify the
> fingerprint of that tampered key in the email header and finally give an
> URL which people can get the same tampered key from. In this case the
> key downloaded from both the keyserver and the URL are the same.
> Obviously, the fingerprint seems alright too!

The bit you are missing is the possible long-standing 'history' of signed
messages from a person.  Sure, you can spoof once or several times, trying
to get people to think your intended victim Vik uses the key 0x00000000,
but you can't erase the possible years of history Vik has of posting
messages to well-known lists using his true key, 0x11111111.  By analyzing
this history well, it will be much harder to fool people.

This is exactly why I'm creating a small tool which gathers signature
history from mail (currently processing mboxes), and provides simple yet
(I think) useful reports on what keys an email address has used to post to
mailing lists.  It's not a 'secure' means, but it is practical way to
complement the web of trust.

-- 
Frank Tobin		http://www.neverending.org/~ftobin/