signing a robot's key - was: Re: Global Directory signatures

Jeff Fisher jeff+gnupg at jeffenstein.dyndns.org
Sat Jan 1 13:05:01 CET 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On Thu, Dec 30, 2004 at 04:57:36PM -0500, Atom 'Smasher' wrote:
> On Thu, 30 Dec 2004, Jeff Fisher wrote:
> 
> > It's signing keys left and right, which started this whole discussion. 
> > Is there any doubt that this particular key is anything but what it 
> > purports to be?  If so, where are the real signatures from the real key 
> > that is supposed to be fulfilling this role?
> >
> > For most of us, we're assuming that there is not an adversary with 
> > infinite resources out to get us.  If there were, I would not trust any 
> > signatures except my own, or those of personally trusted associates. 
> > (And probably not gnupg itself or this computer, but there it is...)
> ===============================
> 
> i (or anyone) can generate a key that's identified as "PGP Global 
> Directory Verification Key" and sign any number of keys with it. one can 
> even get a list of keys that have exchanged signatures with the real key 
> and sign all of them. that doesn't make it the real thing, but it sure 
> would cause a lot of confusion.

However, you couldn't replace the real signatures from this key without
breaking into keyserver.pgp.com.  You couldn't replace the role that this key
is serving without compromising the very servers where the secret key has to
be stored.[1]

Also, anybody with a spare 5 minutes can verify that this key does indeed sign
their key when it is submitted to keyserver.pgp.com.  I just did, and I see
only a single signature from "PGP Global Directory Verification Key", which
matches the key I just downloaded from their website.

> 
> if i sign your key, and you sign bob's key, that doesn't mean that i 
> should go and sign bob's key (unless i first verify it with bob). sure, i 
> can trace a path from me to bob, but that's very different than signing 
> bob's key because of that path.

The difference is that people can directly verify the PGP directory key, which
is not the case in your example.

> 
> signing a key is a statement that one has checked and verified that the 
> key really belongs to the person or group identified by the key. unless 
> that verification is actually done, the only statement being made is that 
> someone is issuing bad signatures.

So, you don't believe keys can exist for roles. I do. Anybody who uses https
in a browser without first clearing the CA list does.  Tens of governments do.
Hundreds (or possibly thousands) of companies do.  Numbers don't make it
right, but they do define what actually works in the real world.

[1] Ok, there are dns attacks, but we won't go into all the possibilities
here...
- -- 
Me - jeff at jeffenstein.dyndns.org
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
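The check Jeff describes in the message above (look at which key actually signed yours after submission, and compare it with the key downloaded from the directory's own site) as an added example, not part of the original thread or of GnuPG. It parses the machine-readable output of `gpg --with-colons --list-sigs <your-key>` and judges each signature by the signer's key ID rather than by the user ID string, which is exactly what Atom points out anyone can copy. The sample output, the key IDs, the e-mail addresses and the `REFERENCE_DIRECTORY_KEYID` value are all constructed placeholders; the real directory key's fingerprint is not on the page.

```python
"""Judge role-key signatures on your key by key ID, never by name.

Added example; not code from the thread or from GnuPG. It reads the
colon-separated listing that `gpg --with-colons --list-sigs` prints
(field 2 = validity, field 5 = long key ID, field 10 = signer's user ID,
field 11 = signature class). The listing below is CONSTRUCTED to imitate
that format.
"""
from dataclasses import dataclass

# Constructed sample: a self-signature, one signature from the reference
# directory key, one from an impostor key carrying the same user ID text,
# and one from a key that is not in the local keyring (validity '?').
SAMPLE_LIST_SIGS = """\
pub:u:1024:17:1111111111111111:1104580800:::u:::scESC::::::
uid:u::::1104580800::AAAA::Jeff Fisher <jeff@example.org>::::::
sig:!::17:1111111111111111:1104580800::::Jeff Fisher <jeff@example.org>:13x:
sig:!::17:2222222222222222:1104580800::::PGP Global Directory Verification Key <directory@example.com>:10x:
sig:!::17:3333333333333333:1104580800::::PGP Global Directory Verification Key <directory@example.com>:10x:
sig:?::17:4444444444444444:1104580800::::[User ID not found]:10x:
"""

# Long key ID of the directory key as fetched directly from its web site.
# CONSTRUCTED placeholder: in practice compare the full fingerprint of the
# key you downloaded, not a value copied from a listing.
REFERENCE_DIRECTORY_KEYID = "2222222222222222"
ROLE_UID_MARKER = "PGP Global Directory Verification Key"


@dataclass(frozen=True)
class Sig:
    status: str      # '!' good, '-' bad, '%' error, '?' signer key unavailable
    keyid: str       # long key ID of the signing key
    signer_uid: str  # user ID text of the signer (freely chosen by whoever made the key)
    sig_class: str   # e.g. '10x' generic certification, '13x' positive


def parse_sigs(colon_output: str) -> list[Sig]:
    """Extract the `sig` records from a --with-colons listing."""
    sigs = []
    for line in colon_output.splitlines():
        f = line.split(":")
        if f[0] != "sig" or len(f) < 11:
            continue
        sigs.append(Sig(status=f[1], keyid=f[4], signer_uid=f[9], sig_class=f[10]))
    return sigs


def classify_role_sigs(sigs: list[Sig], role_marker: str, reference_keyid: str):
    """Split signatures whose signer UID claims the role into those made by
    the reference key and those made by some other key with the same name."""
    genuine, impostor = [], []
    for s in sigs:
        if role_marker not in s.signer_uid:
            continue
        if s.keyid.upper() == reference_keyid.upper():
            genuine.append(s)
        else:
            impostor.append(s)
    return genuine, impostor


def directory_check(colon_output: str,
                    reference_keyid: str = REFERENCE_DIRECTORY_KEYID,
                    role_marker: str = ROLE_UID_MARKER) -> dict:
    """Report which role-key signatures match the out-of-band reference key.
    `ok` reproduces the situation described in the message: exactly one good
    signature from the reference key and none from look-alike keys."""
    sigs = parse_sigs(colon_output)
    genuine, impostor = classify_role_sigs(sigs, role_marker, reference_keyid)
    good_genuine = [s.keyid for s in genuine if s.status == "!"]
    return {
        "genuine": good_genuine,
        "impostor": [s.keyid for s in impostor],
        "unverifiable": [s.keyid for s in sigs if s.status == "?"],
        "ok": len(good_genuine) == 1 and not impostor,
    }


if __name__ == "__main__":
    report = directory_check(SAMPLE_LIST_SIGS)
    for label, keyids in report.items():
        print(f"{label:>12}: {keyids}")
```

Signatures with validity `?` come from keys not in the local keyring and cannot be judged at all until that key is fetched; they are listed separately rather than counted as either genuine or impostor.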


