Signing a key (meaning)

Jan Janka takethebus at gmx.de
Sat Apr 9 00:58:09 CEST 2011


> But if an attacker puts his e-mail address on a key he claims to be
> mine, he won't get my mail sent to (or encrypted to) him.

If someone somehow gets that key, reads your name in the ID and relies on that name, he might send mail intended for you to the attacker's email address, which might even look pretty much like your email address.


>But the e-mail access control check *does* protect
>against the attack scenario where at the time of keysigning, Eve does
>*not* have access to Bob's inbox.

Yes, but the fingerprint check already protects against that, so why do we need another check?

>> The reason why the email address is in the user ID is for convenience
>> (so everybody knows where to send emails) and makes sure keys can be
>> easily found on the keyserver. Apart from that it enables users to
>> distinguish between keys of persons with the same name.

>This is pretty critical in some contexts.  E-mail is a (mostly) unique,
>global identifier.  "John Smith" is not.

What do you mean by critical?

"John Smith <john at hot.com>" is quite global and quite unique, although I don't check the email address before signing. 
1. John tells me john at hot.com. 
2. I believe him that he has access to john at hot.com (see former email).
3. I find keys on the server by looking for john at hot.com.
4. I choose "John Smith <john at hot.com>", because I know his name. 
5. I make a fingerprint check on the phone (I know his voice). 
6. I sign the key. 
7. I upload the signed key to the keyserver.

If there is a clever attacker, he might issue a key with the very same ID. People looking for John's key will then be presented with the following list:

"John Smith <john at hot.com>" (signed by me)
"John Smith <john at hot.com>" 

If they don't know me they can simply do their own fingerprint check with John, otherwise they will take the signed key.

Thanks for your answers. I know I'm asking unorthodox questions, but I pretty much feel I'm right and that the conventional procedure is partly unnecessary, and thus hard to understand and difficult to use.

Best regards, 
Jan
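The scenario Jan describes above (two keys on the keyserver carrying the identical user ID, one of them signed by a key the reader already trusts, the other resolvable only by a fingerprint check with John himself), as an added example that is not part of the original post and not GnuPG's own code: a Python script that parses a constructed sample listing in the layout of `gpg --with-colons --list-sigs`, reports duplicate user IDs, and resolves a duplicate either by a signature from a trusted key or by a fingerprint read over the phone. The key IDs, fingerprints, dates, the `john@hot.com` user ID and `MY_KEYID` are all made up for the example; only the colon-record layout (field 1 = record type, field 5 = key ID or signer key ID, field 10 = fingerprint on `fpr` records and user ID on `uid` and `sig` records) follows gpg's format.

```python
"""Pick the right key among several that carry the identical user ID.

Added example, not from the gnupg-users thread and not GnuPG code.
Parses constructed sample output in the layout of
`gpg --with-colons --list-sigs` and resolves a duplicated user ID by a
signature from a trusted key or by a fingerprint read over the phone.
"""
from __future__ import annotations

from dataclasses import dataclass, field

# Hypothetical: the key ID whose signatures the reader already trusts ("signed by me").
MY_KEYID = "1111222233334444"

# Constructed sample listing: two keys with the same UID. Every key ID,
# fingerprint and date is made up; only the record layout follows gpg's
# colon format (field 1 = type, field 5 = key id / signer key id,
# field 10 = fingerprint on fpr records, user ID on uid and sig records).
SAMPLE_LISTING = """\
pub:u:2048:1:AAAABBBBCCCCDDDD:1302300000:::u:::scESC::::::23::0:
fpr:::::::::5F3A0B1C2D3E4F5061728394AAAABBBBCCCCDDDD:
uid:u::::1302300000::9B0D2E5A0C1F3E4D5A6B7C8D9E0F1A2B3C4D5E6F::John Smith <john@hot.com>::::::::::0:
sig:::1:AAAABBBBCCCCDDDD:1302300000::::John Smith <john@hot.com>:13x:::::2:
sig:::1:1111222233334444:1302301000::::Jan Janka <jan@example.invalid>:10x:::::2:
pub:-:2048:1:EEEEFFFF00001111:1302400000:::-:::scESC::::::23::0:
fpr:::::::::0123456789ABCDEF01234567EEEEFFFF00001111:
uid:-::::1302400000::1A2B3C4D5E6F708192A3B4C5D6E7F8091A2B3C4D::John Smith <john@hot.com>::::::::::0:
sig:::1:EEEEFFFF00001111:1302400000::::John Smith <john@hot.com>:13x:::::2:
"""


@dataclass
class Key:
    keyid: str
    fingerprint: str = ""
    uids: list[str] = field(default_factory=list)
    # user ID -> set of key IDs that have signed that user ID
    signers: dict[str, set[str]] = field(default_factory=dict)


def parse_colon_listing(text: str) -> list[Key]:
    """Parse pub/fpr/uid/sig records into Key objects (other record types are skipped)."""
    keys: list[Key] = []
    current_uid: str | None = None
    for line in text.splitlines():
        if not line:
            continue
        f = line.split(":")
        if f[0] == "pub":
            keys.append(Key(keyid=f[4]))
            current_uid = None
        elif f[0] == "fpr" and keys and not keys[-1].fingerprint:
            # first fpr after pub is the primary key; subkey fprs are ignored
            keys[-1].fingerprint = f[9]
        elif f[0] == "uid" and keys:
            current_uid = f[9]
            keys[-1].uids.append(current_uid)
            keys[-1].signers.setdefault(current_uid, set())
        elif f[0] == "sig" and keys and current_uid is not None:
            keys[-1].signers[current_uid].add(f[4])
    return keys


def duplicate_uids(keys: list[Key]) -> dict[str, list[str]]:
    """Map each user ID that appears on more than one key to the key IDs carrying it."""
    seen: dict[str, list[str]] = {}
    for k in keys:
        for uid in k.uids:
            seen.setdefault(uid, []).append(k.keyid)
    return {uid: ids for uid, ids in seen.items() if len(ids) > 1}


def normalize_fingerprint(s: str) -> str:
    """Fingerprints read aloud come back with spaces and mixed case; compare canonical forms."""
    return "".join(s.split()).upper()


def choose_key(keys: list[Key], uid: str, trusted_signers=frozenset(),
               phoned_fingerprint: str | None = None) -> Key | None:
    """Return the one key to use for `uid`, or None if the UID alone cannot decide it.

    Never selects on the UID string alone, even when it is unique: anyone can
    upload a key with that UID. A fingerprint verified out of band wins; a
    signature from a trusted key is the fallback for readers who cannot phone John.
    """
    candidates = [k for k in keys if uid in k.uids]
    if phoned_fingerprint is not None:
        want = normalize_fingerprint(phoned_fingerprint)
        matches = [k for k in candidates if k.fingerprint == want]
        return matches[0] if len(matches) == 1 else None
    vouched = [k for k in candidates if k.signers.get(uid, set()) & set(trusted_signers)]
    return vouched[0] if len(vouched) == 1 else None


if __name__ == "__main__":
    ks = parse_colon_listing(SAMPLE_LISTING)
    for uid, ids in duplicate_uids(ks).items():
        print(f"duplicate UID {uid!r} on keys {ids}")
    pick = choose_key(ks, "John Smith <john@hot.com>", trusted_signers={MY_KEYID})
    print("signed by me:", pick.keyid if pick else "none; do a fingerprint check with John")
```

Running it prints the duplicated UID with both key IDs, then selects `AAAABBBBCCCCDDDD` because it carries a signature from `MY_KEYID`; with no trusted signer and no phoned fingerprint `choose_key` returns `None`, which is the "do your own fingerprint check" branch of the post.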


