Signing a key (meaning)

Daniel Kahn Gillmor dkg at fifthhorseman.net
Sat Apr 9 00:27:08 CEST 2011


On 04/08/2011 06:02 PM, Jan Janka wrote:
> I think there's no benefit, because everybody who issueses a key (even an attacker) wants to receive information encrypted with that key, - otherwise he wouldn't issue it. Thus he will place an email address in the ID he has access to. So I think we can take this for granted.

But if an attacker puts his e-mail address on a key he claims to be
mine, he won't get my mail sent to (or encrypted to) him.

Many people already know Bob's e-mail address; if they're sending mail
do bob at example.net, they're not going to encrypt that mail to a key that
has "Bob <eve at example.com>" as the only User ID.

OTOH, if Eve suspects she might at some point get access to a message
that was sent to Bob, it's in her interest to put *Bob's* e-mail address
on a key and try to get people to accept it as Bob's (rather than
putting her own address on it).

You're right that if Eve *already* has access to Bob's inbox, then the
e-mail access check won't be a terribly useful test (though as soon as
people start encrypting mail to Eve's key and mailing it to Bob, Bob
ought to notice).  But the e-mail access control check *does* protect
against the attack scenario where at the time of keysigning, Eve does
*not* have access to Bob's inbox.  It protects the contents of the inbox
(because people send messages encrypted to the correct key) when some of
Bob's mail accidentally leaks to Eve later.

> The reason why the email address is in the user ID is for convenience (so everybody knows where to send emails) and makes sure keys can be easily found on the keyserver. Apart from that it enables user to distinguished between keys of persons with the same name.

This is pretty critical in some contexts.  E-mail is a (mostly) unique,
global identifier.  "John Smith" is not.

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1030 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20110408/0c3ba62e/attachment.pgp>


More information about the Gnupg-users mailing list