PGP/MIME considered harmful for mobile
ben at adversary.org
Thu Mar 3 06:22:29 CET 2011
On 3/03/11 3:17 PM, David Shaw wrote:
> The premise (more or less) was that a guy named Martin (RM) was on a
> mailing list and signed all his mail. After some time, a new guy
> (FM) shows up and claims that he is, in fact, Martin. FM may have
> his own key or may not have a key at all. It doesn't matter,
> because the members of the mailing list can see, by means of RM's
> signatures, a continuity of communication. They can tell RM apart
> from FM, simply because only RM can issue the signatures they've
> been seeing on his messages.
Right, so FM's only spoofing ability via a key would be to create one
in the same name as Martin and hope that people collecting keys would
just add it and not double-check the key ID/fingerprint. I'd misread
that as FM doing something sneaky to generate a key that had a
matching key ID (though probably not a matching fingerprint).
> Now, there are limits to this technique. They can't tell who is
> really "Martin" (i.e. they can't bind the name to a real-world
> person) without some other information, but in the context of
> Internet communication that frequently doesn't matter.
That's probably the case for a lot of GPG usage.
> They can tell which one is the guy they've been talking with for all
> this time. Which one is *their* Martin, if you like.
Which is one of the valuable sides to signing all or most messages.
It helps prove when spoofing has occurred.
> Despite all the noise in the thread, it's nothing terribly odd.
> It's just the way nym keys work.
Yeah, I played with that years ago, but for the most part it was just
too irritating for most things I wanted to do. Anonymity and
pseudonymity can be useful, but for my part that's only for certain
specific projects. I did once create one to play with a journalist
researching the Echelon program in the 1990s, that was fun, even got
him to use one of those international releases of PGP.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 227 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users