New user needs some help

Daniel Kahn Gillmor dkg at fifthhorseman.net
Fri Jun 6 18:15:24 CEST 2014


On 06/06/2014 04:19 AM, Cpp wrote me privately (but later OKed publication):
> On 6/5/14, Daniel Kahn Gillmor <dkg at fifthhorseman.net> wrote:
>> there is a link to an explanation about it.  you can read the rationale
>> for it here:
>>
>>   http://thread.gmane.org/gmane.mail.notmuch.general/3721/focus=7234
> 
> Yes, that is where I got it from.
> 
> I am aware of the discussion thread at gmane. In fact I've read the
> entire chain before posting here, but I still didn't fully understand
> it. It seems to be some advanced way to distinguish keys via full
> fingerprints, but it doesn't seem to be a standard yet. By the looks
> of it, it's more like a temporary feature or a placeholder for
> something else. The big question is whether I should add it to my key.
> The article above seems to think so though I'm not sure how useful the
> feature really is considering the fact that it's not that widespread.

including this notation allows a remote peer who receives a signed
message from you to reliably distinguish between two cases:

 0) this signature is bad

 1) this signature status is unknown and i just don't have the right key

Without the extension, a signature verification process has no way to
determine which of these scenarios is the correct one when the signature
doesn't appear to validate.

Without the extension, an attacker willing to do a fair amount of work
(2^64 operations -- not out of reach of an organization willing to
devote some time and resources) can create a key with a colliding long
keyID.  If the party verifying a signature is verifying against the
new/colliding key instead of the proper key, then all the signatures
will appear in this broken state.

few OpenPGP signature-verifying tools make this check currently; but
your messages may be verified by systems that you don't know about
(including systems in the future).  If you want to provide those tools
with an way to reliably distinguish between the two cases, you should
use the notation.

Regards,

        --dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 948 bytes
Desc: not available
URL: </pipermail/attachments/20140606/bd8e2dd0/attachment-0001.sig>


More information about the Gnupg-users mailing list