Renewing expiring key - done correctly?
Robert J. Hansen
rjh at sixdemonbag.org
Wed Dec 4 01:26:09 CET 2013
On 12/3/2013 6:59 PM, Hauke Laging wrote:
> He could but he would need the secret mainkey for that operation
> and...
Could you please share a realistic scenario by which an attacker could
compromise a subkey without also having the ability to compromise the
primary signing key? I've been trying to come up with one and I just can't.
> ...keys without offline mainkey on insecure systems are a security
> joke anyway.
* There is no such thing as a secure (or insecure) system
* The words 'security' and 'insecurity' are intimately tied
to risk models: to use the words glibly deprives them of
any meaning
* There exist risk models in which an 'insecure system,' as
you would call it, is a perfectly reasonable place to
store a secret primary signing key
I'm sorry, but this entire argument is just too glib to be taken seriously.
> It may be possible to prevent someone from seeing the revocation
> certificate. Certificate distribution is a lot less secure than the
> keys themselves. But you cannot trick someone into using an expired
> key.
Of course you can. Reset their computer's clock. You don't even have
to compromise their computer in order to do it: compromising whatever
NTP server they're contacting is enough.
More information about the Gnupg-users
mailing list