Why CAs or public keysigning?
Dennis Lambe Jr.
Thu Jun 19 17:16:02 2003
On Thu, 2003-06-19 at 06:48, Peter L. Smilde wrote:
> 3: As Joseph Bruni stated: "The odds of you knowing someone who knows
> someone you know (three steps) are surprisingly high (at least in the
> US). I believe at last check the odds were around 1:100." That's right:
> We live in a so-called "Small World"-network, where the mean number of
> "hops" from one person to another is found out to be about 6.5, which is
> nicely approved by the mean "hop-count" of the strongly connected set of
> the WoT. But this means that with about the same magnitude of likelyhood
> you will find a ANOTHER person with the same name "signed by anybody who
> signed anybody that was signed by me".
[Read all of this with the assumption that the 'e-mail' field of UIDs
are usually invalid. Maybe they're not, but everyone else is assuming
they are, and if they weren't, this wouldn't be as interesting a topic.]
The WoT (and key signing in general) is designed to prevent malicious
entities from masquerading as your recipient in order to intercept your
message. It does this very well. If your enemy sends you a key and
says "I'm Dennis Lambe, here's my key", you can use the WoT to show that
nobody else you trust believes that he's Dennis Lambe. The only time
this breaks is, as you've observed, when your enemy really is named
Dennis Lambe. The chance that your enemy is this lucky /is/ remote,
even with the smallness of today's world.
If you go out searching for my key, you may find keys that aren't mine,
or keys that are mine but that I lost the secret key for and can't
revoke, but which clearly state that they belong to "Dennis Lambe Jr.".=20
The existence of a public key with my name on it doesn't belong to me
with any more confidence than an entry in the phone book with my name on
it. /However/, if you use the signature on the end of this message to
retrieve my public key, and you trust the signatures you find there,
then you know that not only am I probably /a/ Dennis Lambe Jr., but that
I'm /the/ Dennis Lambe who wrote this message, and therefore the one
you'd reply to if he's the Dennis you're interested in.
I guess there are two points here:
1) If you go out searching for a key, you might get misleading
information. If someone sends you a key, the WoT can verify that it is
who it says it is.
2) The likelyhood of two people you're <=3D3 degrees from having the same
name may be high enough to be of consequence, but the likelyhood that
one of them is one of the malicious agents trying to get their hands on
your data is considerably lower. If it's still not good enough for you,
then adjust your trust calculation parameters (what are they called?) so
that only your most trustworthy compatriots can convince you that
another key is genuine, and check facts about his key with them if you
The WoT greatly reduces the abilities of entities that wish to
masquerade as valid recipients of your message. Nothing is foolproof,
not even strong crypto or PKI.
--Dennis Lambe Jr.
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: My public key is available at http://cif.rochester.edu/~malsyned/public_key.html
-----END PGP SIGNATURE-----