Best practice for periodic key change?
mailinglisten at hauke-laging.de
Tue May 10 03:42:47 CEST 2011
Am Montag, 9. Mai 2011, 19:51:12 schrieb MFPA:
> Could that be a form of attack? Bob and Mallory sign a contract of
> some kind - it transpires the contract benefits Bob - Mallory tries to
> make it look as if Bob had not signed.
That would not work for several reasons which arise not from technical aspects
but the circumstances:
a) Usually the contract mentions the partners. Mallory would have to claim
that somebody else had signed that though that obviously does not make any
sense. Furthermore this other one would deny that.
b) It would be obvious that the secret key of the subkey has been stolen. That
would be a huge risk for the one who has stolen it. He would have to stand up
in public and state: "Only two people can have stolen the key. One of them is
me." I am not experienced with criminals but I really doubt that this sounds
interesting to them.
c) Mallory cannot have created signatures before he stole the key. Bob usually
has created a lot. Everyone who claims to have seen a signature of the key in
question by Mallory before the (probably unknown) date of theft is at serious
risk to be proven to have lied in court. This would be possible with very new
> There is a third way: amend the law so that the Web of Trust is used
> instead of the CAs.
This is not about the source of trust IMHO. I think that the major aim of the
law is to prevent the stealing of keys because that would reduce the trust in
digital signatures in an amount a modern society cannot afford. Thus the law
requires hardware protection. Whether a hardware-protected key is certified by
a CA or (strongly enough) by a WoT is less important.
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 555 bytes
Desc: This is a digitally signed message part.
More information about the Gnupg-users