Why CAs or public keysigning?

CL Gilbert Lamont_Gilbert@RigidSoftware.com
Wed Jun 18 16:25:01 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Peter L. Smilde wrote:
| Hi,
|
| What is the worth of signatures from public keysigning-parties or C=
As in
| face of non-unique names? Especially when only names are checked an=
d
| (usually) not (or only superficially) the email-adress.
|
| When I am in direct contact with a person (case 1), then I usually =
know
| he is the person I want to communicate with (so it is not really
| necessary to check his identity). In this case I can ask him for th=
e
| fingerprint of his key to be sure that I use no fake key of some ot=
her
| person. So far OK. In this case, I don't need any other signatures.
|
| I only need signatures, when I am not able to check the key fingerp=
rint
| personally. When I know that a trustworthy friend of mine has check=
ed
| the fingerprint and signed the key (case 2), then finding his signa=
ture
| on the key makes it very likely, that it is no fake key. Although i=
t is
| even better to ask my friend, if the key really belongs to the pers=
on I
| want to communicate with, because he might have signed a key of a p=
erson
| with the same name. So far still OK.
|
| It is still OK, when a key has a lot of signatures of people I know=
 to
| be friends, collegues, relatives of my communication partner or jus=
t
| persons I know (an unusal case though) to have been at the same
| keysigning-party (case 3). Then I don't have to ask them if he is t=
he
| right person, because it is quite unlikely, that another person wit=
h the
| same name has the same acquitanceship.
|
| But what, when I (or my trustworthy friends) don't have direct cont=
act
| with a person and his key has only been signed by CAs or by persons=
 he
| only has met on a public keysigning-party (case 4)? That means that=
 his
| key has been signed by persons, that I cannot ask personally if the
| person they checked really is the person I expect him to be (like c=
ase
| 2) and I cannot recognise any relationship to him (like case 3). Th=
en I
| only know (to the extend as anybody can check IDs and to the extend=
 as I
| trust the signer), that the person who owns the key really has the =
name
| in the UID. But how do I know that the key belongs to the person I =
want
| to communicate with, in face of the fact that many names are not qu=
ite
| unique? Often I cannot even be sure that the email-adress of the pe=
rson
| is the one of the person I want to communicate with, because (as I =
don't
| have direct contact with him, as in case 1) I often get adresses fr=
om
| the Internet, so it might be the adress of some attacker. Secondly =
the
| email adress in the UID is usually not very well checked by signers=
, so
| it might belong to another person than I (and the signer) expect.
|
| The WoT clearly is not responsible for unique identification of per=
sons.
| But when I want to communicate securely with a person, I need this
| unique identification. In case 1, 2 and 3 this identification is gi=
ven
| with varying quality. In case 3 even with help of the WoT. But in c=
ase 4
| this unique identification is missing, and I can only solve this by
| direct contact with the key owner. But then I could much more easil=
y ask
| him for his fingerprint myself, so I don't need the signatures of C=
As or
| "public keysigners" anymore...
|
| Can anybody give me a good argument for CAs and public keysigning p=
arties?
|
| --
|
| Peter L. Smilde
| Budenheim, Germany
Their is a thread titled "Virtual Keysignings" in which we discuss th=
is
exact thing about 15 days ago I believe.

I contended exactly what you do.  A key signing party is not only
non-usefull, but its a breeding ground for authenticity holes IMHO.
(remember, crime is not an accident its intentional)  I don't want to
dump on the party bcause they seem like a fun social event, and us
computer users sometimes need social events.  Nevertheneless, I think
the WoT should be thought of as Your WOT.  If the WoT of a particular
person you are interested in includes 5000 entries/connections/etc. b=
ut
you do not know any of them, then their trustworthiness =3D=3D 0.  I =
think
the WoT is only as strong as its weakest link.  With that in mind, pa=
rty on.

You could also argue, a key-signing party is a police raid waiting to
happen.  Can't you just see somebody misunderstanding and thinking th=
is
"key" party is some kind of drug bash!?  OK, so I digress...

PGP is a good 'tool' to help you authenticate a person against a
standard.  Its your job to secure that standard.  Identities can not =
be
SWITCHED on you with PGP.  It will require some outside techniques to
first establish initial identification.  those techniques should be
based on your authenticity requirements.

Thats my 2=A2




- --
Thank you,


CL Gilbert
Free Java interface to Freechess.org
http://www.rigidsoftware.com/Chess/chess.html
"Then said I, Wisdom [is] better than strength: nevertheless the poor
man's wisdom [is] despised, and his words are not heard." Ecclesiaste=
s 9:16

GnuPG Key Fingerprint:
82A6 8893 C2A1 F64E A9AD  19AE 55B2 4CD7 80D2 0A2D
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE+8HYaVbJM14DSCi0RAs/EAKCrUq601UCYpURnxKpyRHvdDxfzrQCfXJ7g
TOwQOv6i99/DwijQ8dQWtY0=3D
=3D0EnW
-----END PGP SIGNATURE-----