Key selection order

Peter Lebbing peter at digitalbrains.com
Fri Jan 15 13:08:49 CET 2016


On 15/01/16 00:12, Andrew Gallagher wrote:
> No, because mitm doesn't mean one identity replaces another, but that the two
> identities become conflated.

Ah, we are ascribing different attributes to an "identity".

I think you mean an identity belongs to a specific person, an individual. If you
MITM, there are two people, so two identities.

I describe an "identity" as "this person who's been giving me good advice on
topic X for several months", for example.

Note that I cannot differentiate between someone who thought up the advice from
someone who is just forwarding someone else's advice.

If there's this individual A who has been giving me great advice, but all their
mails were MITM'ed such that individual B put their signature under it, B could
at any moment abuse this trust that A built and give me horrible advice that
results in something that is useful for B.

But the same could happen with A! I know the guy/girl only from their e-mails.
For all I know, A is biding their time to eventually screw me over. And they
could be asking someone else and only writing down their advice.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>



More information about the Gnupg-users mailing list