Duplicated User IDs arisen
David Shaw
dshaw at jabberwocky.com
Mon Jun 21 14:25:28 CEST 2004
On Mon, Jun 21, 2004 at 01:26:22PM +0200, Werner Koch wrote:
> On Wed, 16 Jun 2004 23:04:02 -0400, David Shaw said:
>
> > distribution channel does not have to be secure. Who cares if a
> > keyserver is hacked up one side and down the other? Unless it is
>
> We use keyservers also for revocations. A cracked keyserver might
> ignore revocations for certain keys and thus give the attacker a way
> of continuing the use of a compromised key.

But there is a crucial difference between a secure distribution
channel and a reliable distribution channel. An attacker cannot
falsely revoke a key - the best he can do is try to prevent a
revocation from being distributed.

This is similar to a denial of service where the attacker tries to
prevent a user from getting a key in the first place, in hopes they
will send a message unencrypted.

David