Protecting IDs at a key signing party

MFPA expires2012 at rocketmail.com
Mon Jan 23 23:52:27 CET 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi


On Saturday 21 January 2012 at 10:01:51 PM, in
<mid:4F1B35CF.1000008 at sixdemonbag.org>, Robert J. Hansen wrote:


> If they want to mess with you, they don't need your
> permission.  As is, you've explicitly asked them,
> "would you please sign certificate 0xDEADBEEF,
> fingerprint so-and-so, here's my credentials."

True.



>  Then
> they're signing it with *their* certificate, backed up
> by credentials that you yourself checked.

Except that you have no way of knowing if the certificate they use to
sign the key will contain UIDs related to the credentials you were
shown, or something completely different.



> How is this a problem?

> You've been making hay out of this for years and I've
> yet to see any realistic example of this being a
> problem.  Please present one.

People being rude, insensitive, and potentially insulting, *is* a
problem. Not related to security but still a problem. If it were
possible to enforce the "keyserver-no-modify" flag, this problem might
well disappear.



>> More importantly, they are signing UIDs that may well
>> contain email addresses, without actually verifying
>> that you "control" those email addresses.

> Likewise, regarding making hay and a complete lack of
> realistic examples.

Are you suggesting it is sensible to check a person's name against
government-issued documents but to attempt any verification of email
addresses?

- --
Best regards

MFPA                    mailto:expires2012 at rocketmail.com

A candle loses nothing by lighting another candle
-----BEGIN PGP SIGNATURE-----

iQCVAwUBTx3ksqipC46tDG5pAQrAQgQAnDBspHgabHHXQL7/M7ZRBPp8GjSau4Nd
uwl4BK5HsS/L0BwOyJ0mE1tYl6vaXYFsx4PjqgIsAtgL+t31NDHwGylo69jWls4q
tDCJ3g2TNZjmACdcZ46/sp0SWT6/185SJqK8/TcS4SuUUpuXN5bHYeHZk4malUzB
gISjtERTmYk=
=8fr3
-----END PGP SIGNATURE-----




More information about the Gnupg-users mailing list