PGP/MIME considered harmful for mobile

Ben McGinnes ben at adversary.org
Thu Mar 3 06:22:29 CET 2011


On 3/03/11 3:17 PM, David Shaw wrote:
> 
> The premise (more or less) was that a guy named Martin (RM) was on a
> mailing list and signed all his mail.  After some time, a new guy
> (FM) shows up and claims that he is, in fact, Martin.  FM may have
> his own key or may not have a key at all.  It doesn't matter,
> because the members of the mailing list can see, by means of RM's
> signatures, a continuity of communication.  They can tell RM apart
> from FM, simply because only RM can issue the signatures they've
> been seeing on his messages.

Right, so FM's only spoofing ability via a key would be to create one
in the same name as Martin and hope that people collecting keys would
just add it and not double-check the key ID/fingerprint.  I'd misread
that as FM doing something sneaky to generate a key that had a
matching key ID (though probably not a matching fingerprint).

> Now, there are limits to this technique.  They can't tell who is
> really "Martin" (i.e. they can't bind the name to a real-world
> person) without some other information, but in the context of
> Internet communication that frequently doesn't matter. 

That's probably the case for a lot of GPG usage.

> They can tell which one is the guy they've been talking with for all
> this time.  Which one is *their* Martin, if you like.

Which is one of the valuable sides to signing all or most messages.
It helps prove when spoofing has occurred.

> Despite all the noise in the thread, it's nothing terribly odd.
> It's just the way nym keys work.

Yeah, I played with that years ago, but for the most part it was just
too irritating for most things I wanted to do.  Anonymity and
pseudonymity can be useful, but for my part that's only for certain
specific projects.  I did once create one to play with a journalist
researching the Echelon program in the 1990s; that was fun, and I even
got him to use one of those international releases of PGP.


Regards,
Ben
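The continuity check the thread describes, as an added Python example that is not
part of this thread or of GnuPG's own code: it derives a version 4 OpenPGP
fingerprint from a public-key packet body (RFC 4880 section 12.2), shows how the
64-bit and 32-bit key IDs are just its low-order bits, and then tracks which
fingerprint has been signing under each name so that a newcomer using the same
name but a different key is flagged instead of silently merged.  The two keys,
their moduli and creation times, and the "Martin" scenario are constructed
placeholders; ContinuityTracker and run_scenario are names chosen here, not
anything from the original post.

```python
import hashlib
import struct
from dataclasses import dataclass, field


def mpi(value: int) -> bytes:
    """Encode an integer as an OpenPGP MPI (RFC 4880 section 3.2):
    two-byte big-endian bit count, then the minimal big-endian magnitude."""
    bits = value.bit_length()
    return struct.pack(">H", bits) + value.to_bytes((bits + 7) // 8, "big")


def rsa_pubkey_body(created: int, n: int, e: int = 65537) -> bytes:
    """Body of a version 4 public-key packet for RSA (RFC 4880 section 5.5.2):
    version byte, 4-byte creation time, algorithm ID 1 (RSA), MPI n, MPI e."""
    return bytes([4]) + struct.pack(">I", created) + bytes([1]) + mpi(n) + mpi(e)


def v4_fingerprint(body: bytes) -> str:
    """RFC 4880 section 12.2: SHA-1 over 0x99 || two-byte body length || body,
    returned as upper-case hex (40 digits)."""
    digest = hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body)
    return digest.hexdigest().upper()


def long_key_id(fpr: str) -> str:
    """Low-order 64 bits of the fingerprint: the 16-digit key ID."""
    return fpr[-16:]


def short_key_id(fpr: str) -> str:
    """Low-order 32 bits: the 8-digit ID, cheap to collide, so never trust it alone."""
    return fpr[-8:]


@dataclass
class ContinuityTracker:
    """Remembers which fingerprint has been signing under each display name.

    A name seen before under a different fingerprint is reported as a spoof
    suspect rather than merged, which is the double-check that people who just
    collect keys by name tend to skip."""
    seen: dict = field(default_factory=dict)  # name -> fingerprint

    def observe(self, name: str, fpr: str) -> str:
        known = self.seen.get(name)
        if known is None:
            self.seen[name] = fpr
            return "new-name"
        if known == fpr:
            return "continuity"
        return "spoof-suspect"


# Constructed sample keys (hypothetical).  The moduli are short placeholders
# chosen only so the two packet bodies differ; they are not usable RSA keys.
RM_BODY = rsa_pubkey_body(created=1_000_000_000,
                          n=int.from_bytes(b"real Martin key", "big"))
FM_BODY = rsa_pubkey_body(created=1_299_000_000,
                          n=int.from_bytes(b"fake Martin key", "big"))
RM_FPR = v4_fingerprint(RM_BODY)
FM_FPR = v4_fingerprint(FM_BODY)


def run_scenario() -> list:
    """Replay the thread's story: RM signs for a while, then FM turns up
    under the same name with a different key."""
    tracker = ContinuityTracker()
    events = [
        ("Martin", RM_FPR),  # first signed post from the real Martin
        ("Martin", RM_FPR),  # later posts, same signing key
        ("Martin", FM_FPR),  # newcomer claiming to be Martin, different key
    ]
    return [tracker.observe(name, fpr) for name, fpr in events]


if __name__ == "__main__":
    print("RM:", RM_FPR, "key ID", long_key_id(RM_FPR), "short", short_key_id(RM_FPR))
    print("FM:", FM_FPR, "key ID", long_key_id(FM_FPR), "short", short_key_id(FM_FPR))
    print(run_scenario())
```

The tracker keys on the full fingerprint on purpose: matching on the name alone
is exactly what FM exploits, and matching on the 32-bit short ID only moves the
problem, since a key with a chosen short ID costs about 2^32 key generations.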

