Keysigning challenge policies/procedures

Ingo Klöcker kloecker at kde.org
Sun Jul 9 14:20:50 CEST 2006 

On Sunday 09 July 2006 06:27, Alphax wrote:
> Michael Kallas wrote:
> > David Shaw schrieb:
> >> I've been away on vacation and only picked up this thread now. 
> >> This statement is not correct.  Back in the PGP 2.x days, this
> >> might have been true, but with OpenPGP, there is no particular
> >> requirement that the ability to sign and the ability to decrypt
> >> are connected.  You can have a shared key with separate
> >> capabilities.
> >>
> >> Sending an signed key via encrypted mail does not ensure anything
> >> about the key owner.
> >
> > Why not?
> > Sorry, this conclusion was too fast for me, could you please
> > explain a little bit?

The key (i.e. the primary key) could belong to a group, but only one 
person of the group might be the key owner (i.e.  have full access to 
the key) or even no member of the group might be the key owner, but 
only a superior entity like the company's CA. Moreover, each member of 
the group could have a separate encryption subkey.

This example should explain why sending a signed key via encrypted mail 
doesn't ensure anything about the key owner.

Of course, with respect to keys belonging to real persons rather than to 
entities/companies/etc. this example is probably not that convincing.

> Suppose you send an email to Address W and encrypt an "authentication
> token" to Key X. You recieve a reply from Address Y, containing the
> authentication token, which has been signed with Key Z.
>
> This tells you that /someone/ with access to W has recieved a
> message; /someone/ with access to X has decrypted it; /someone/ with
> access to Z has signed a reply; and /someone/ with access to Y has
> sent a reply.

Except for the Y part this is correct. But the contents of the From 
address, i.e. Y, means absolutely nothing.

> Keys X and Z may or may not be the same key or subkeys of the same
> primary key, addresses W and Y may or may not be the same, and Y may
> or may not have been faked (which is trivial).

Exactly. And therefore you shouldn't have written above "and /someone/ 
with access to Y has sent a reply" because anyone could have sent the 
reply.

Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20060709/dc83d645/attachment.pgp

More information about the Gnupg-users mailing list