Proposal of OpenPGP Email Validation
Patrick Brunschwig
patrick at enigmail.net
Wed Jul 29 17:49:10 CEST 2015
On 29.07.15 14:07, Neal H. Walfield wrote:
> At Wed, 29 Jul 2015 01:03:53 +0100,
> MFPA wrote:
>> On Tuesday 28 July 2015 at 11:46:10 PM, in
>> <mid:87vbd3nbnx.wl-neal at walfield.org>, Neal H. Walfield wrote:
>>> At Tue, 28 Jul 2015 19:22:29 +0100, MFPA wrote:
>>>> It also eliminates any attempt to to establish a link
>>>> between the key and the email address in the UID.
>>
>>> I'm not so sure. Recall that we are not attempting to
>>> protect against attacks by nation states. As such,
>>> performing a week of computation each year is going to
>>> be too much to maintain for those who upload fake keys.
>>
>> And too much for people with multiple email addresses.
>
> It doesn't have to be per-email address. It is sufficient to attach
> it to the primary key.
This allows me to have patrick at enigmail.net verified OK. Then I add a
new UID mallory at evil.com and delete patrick at enigmail.net from the key.
And then I upload my key to the keyservers network, and I'll end up
where we are now.
>> This still seems less rigorous to me than having to receive an email
>> sent to that address and decrypt it with that key. I guess it's a case
>> of swings and roundabouts.
>
> Well, I don't like the CA model and that's what Nico is basically
> proposing (with less rigorous checks). Another huge disadvantage is
> that user's have to actively participate by replying to emails /
> visiting a link.
>
> Using PoW, no human intervention is required and there is no central
> authority. PoW relies on the assumption that conducting an attack is
> too expensive to do / maintain.
The whole point of this exercise is to verify that the key and the email
address(es) belong _together_. I don't see how PoW could do this, or I
didn't understand it well enough.
-Patrick
More information about the Gnupg-users
mailing list