basic identity mgmt

[Peter Lebbing]

On 17/01/16 03:19, Doug Barton wrote:
> Further I don't see signing as all that interesting either.
> [...]
> We can infer things about these topics from our knowledge/beliefs
> about the sender, but I can't think of any rational person would go
> along with a request to "Pay Joe $10,000" just because the message
> was PGP signed. Forget the validity of the key, that kind of request
> would require serious OOB authentication.

I'm sorry, this feels forced.

I suppose the payment is meant to be an outlandish request. I've heard
about banks using OpenPGP, I don't know what is usually in that
correspondence. It might be just bank statements.

So let's suppose it is an outlandish request. Just because someone would
not agree to an outlandish request based on a valid signature, this
doesn't mean there aren't reasonable requests that are horribly bad.

Let's take two political dissidents in a totalitarian regime. They
sometimes wish to meet up in real life, so one sends the other a signed,
encrypted request to "meet at 13:00 at X", and they talk.

Now a government agency sends one an encrypted message to "meet at 15:00
at Y" (you might notice I'm not a morning person). Then they wait for
him or her to pick them up and throw them in jail.

In this scenario, I'd say the signature key is damn important. It's on
par with the encryption key; if they had that, they could wait for them
at 13:00 at X, which is just as bad. But the signature key is equally
important, because they can sign a message to meet at 15:00 at Y with that.

So I think it's incorrect to say signatures are unimportant because you
can't get people to follow insane instructions. You need to look at the
sane ones.

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>