Why CAs or public keysigning?
Wed Jun 18 16:25:01 2003
-----BEGIN PGP SIGNED MESSAGE-----
Peter L. Smilde wrote:
| What is the worth of signatures from public keysigning-parties or C=
| face of non-unique names? Especially when only names are checked an=
| (usually) not (or only superficially) the email-adress.
| When I am in direct contact with a person (case 1), then I usually =
| he is the person I want to communicate with (so it is not really
| necessary to check his identity). In this case I can ask him for th=
| fingerprint of his key to be sure that I use no fake key of some ot=
| person. So far OK. In this case, I don't need any other signatures.
| I only need signatures, when I am not able to check the key fingerp=
| personally. When I know that a trustworthy friend of mine has check=
| the fingerprint and signed the key (case 2), then finding his signa=
| on the key makes it very likely, that it is no fake key. Although i=
| even better to ask my friend, if the key really belongs to the pers=
| want to communicate with, because he might have signed a key of a p=
| with the same name. So far still OK.
| It is still OK, when a key has a lot of signatures of people I know=
| be friends, collegues, relatives of my communication partner or jus=
| persons I know (an unusal case though) to have been at the same
| keysigning-party (case 3). Then I don't have to ask them if he is t=
| right person, because it is quite unlikely, that another person wit=
| same name has the same acquitanceship.
| But what, when I (or my trustworthy friends) don't have direct cont=
| with a person and his key has only been signed by CAs or by persons=
| only has met on a public keysigning-party (case 4)? That means that=
| key has been signed by persons, that I cannot ask personally if the
| person they checked really is the person I expect him to be (like c=
| 2) and I cannot recognise any relationship to him (like case 3). Th=
| only know (to the extend as anybody can check IDs and to the extend=
| trust the signer), that the person who owns the key really has the =
| in the UID. But how do I know that the key belongs to the person I =
| to communicate with, in face of the fact that many names are not qu=
| unique? Often I cannot even be sure that the email-adress of the pe=
| is the one of the person I want to communicate with, because (as I =
| have direct contact with him, as in case 1) I often get adresses fr=
| the Internet, so it might be the adress of some attacker. Secondly =
| email adress in the UID is usually not very well checked by signers=
| it might belong to another person than I (and the signer) expect.
| The WoT clearly is not responsible for unique identification of per=
| But when I want to communicate securely with a person, I need this
| unique identification. In case 1, 2 and 3 this identification is gi=
| with varying quality. In case 3 even with help of the WoT. But in c=
| this unique identification is missing, and I can only solve this by
| direct contact with the key owner. But then I could much more easil=
| him for his fingerprint myself, so I don't need the signatures of C=
| "public keysigners" anymore...
| Can anybody give me a good argument for CAs and public keysigning p=
| Peter L. Smilde
| Budenheim, Germany
Their is a thread titled "Virtual Keysignings" in which we discuss th=
exact thing about 15 days ago I believe.
I contended exactly what you do. A key signing party is not only
non-usefull, but its a breeding ground for authenticity holes IMHO.
(remember, crime is not an accident its intentional) I don't want to
dump on the party bcause they seem like a fun social event, and us
computer users sometimes need social events. Nevertheneless, I think
the WoT should be thought of as Your WOT. If the WoT of a particular
person you are interested in includes 5000 entries/connections/etc. b=
you do not know any of them, then their trustworthiness =3D=3D 0. I =
the WoT is only as strong as its weakest link. With that in mind, pa=
You could also argue, a key-signing party is a police raid waiting to
happen. Can't you just see somebody misunderstanding and thinking th=
"key" party is some kind of drug bash!? OK, so I digress...
PGP is a good 'tool' to help you authenticate a person against a
standard. Its your job to secure that standard. Identities can not =
SWITCHED on you with PGP. It will require some outside techniques to
first establish initial identification. those techniques should be
based on your authenticity requirements.
Thats my 2=A2
Free Java interface to Freechess.org
"Then said I, Wisdom [is] better than strength: nevertheless the poor
man's wisdom [is] despised, and his words are not heard." Ecclesiaste=
GnuPG Key Fingerprint:
82A6 8893 C2A1 F64E A9AD 19AE 55B2 4CD7 80D2 0A2D
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----