Fwd: Re: Question for app developers, like Enigmail etc. - Identicons
Stefan Claas
stefan.claas at posteo.de
Tue Jun 6 18:39:50 CEST 2017
On 06.06.17 18:07, Stefan Claas wrote:
> On 06.06.17 04:11, Daniel Kahn Gillmor wrote:
>> On Tue 2017-06-06 01:24:43 +0200, Stefan Claas wrote:
>>> On 05.06.17 22:26, Daniel Kahn Gillmor wrote:
>>>> what does "bullet-proof" mean, specifically?
>>> For me it means that the identicons should be visually easy to read
>>> and cryptographically secure. Sorry that I have no better explanation.
>> here's one way to try to frame the question: Imagine the situation as a
>> game, where you have two players on one team, "defense" named Alice and
>> Bob; Alice wants to send a message to Bob. Another player on the
>> opposing team, "offense", is named Mallory, is trying to send a message
>> to Bob as well, but trying to trick Bob into thinking that the incoming
>> message comes from Alice.
>>
>> The way the game is played, either Alice or Mallory gets to send a
>> message. Bob has to decide whether the message actually came from
>> Alice. If Bob gets it right, the "defense" wins. If Bob gets it wrong,
>> the "offense" wins. The game is played multiple times.
>>
>> Is that the scenario you're thinking of? If so, does the defense need
>> to win 100% of the time over thousands of games? or is it acceptable
>> for offense to win occasionally?
>>
>> In any case question is: how much work does Mallory need to do to get
>> Bob to make a mistake? How frequently can Mallory trick Bob into
>> accepting mail from her as though it were from Alice? Conversely, how
>> many messages that were actually from Alice can Bob accidentally reject
>> without making Alice upset enough to give up on the entire
>> communications scheme?
>>
>>
> In old times I would say that if Bob and Alice don't know each other and they
> have no clue how that particular security software works, it should be that
> by the second message sent to one person the security software already detects
> forgeries and reports that to the person. However, with that thinking it does
> not guarantee that Bob knows that Alice is not Eve. Therefore qualified CAs
> in my opinion are mandatory, where each user in each country has to register
> with his/her ID card so that it's guaranteed that Alice is not Eve.
>
> Regards
> Stefan
>
Correction... instead of "has to register", "may register"...
Regards
Stefan
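The game Daniel describes above (Mallory prepares a key whose identicon Bob cannot tell apart from Alice's, and the question is how much work that costs her), as an added example that is not part of this thread and is not Enigmail or GnuPG code. It assumes, and this is an assumption rather than anything the thread states, that an identicon is a visual rendering of a hash of the key and that a human glancing at it can reliably distinguish only about `bits` bits of it; the integer returned by `identicon()` stands in for "what Bob sees". It goes beyond the thread in one respect: `play_game()` can also model Bob having several contacts, where Mallory wins by matching any one of them, which divides her expected work by the number of contacts.

```python
import hashlib
import random
import statistics

# Added example, not from the thread. Assumption: an identicon renders a
# hash of the key, and Bob can only compare about `bits` bits of it by eye.
# A real identicon carries more bits than a glance actually compares.


def identicon(key_material: bytes, bits: int) -> int:
    """The `bits` most significant bits of SHA-256(key_material), as an int.

    This integer is the model of "what Bob sees" when he looks at the icon.
    """
    digest = hashlib.sha256(key_material).digest()
    return int.from_bytes(digest, "big") >> (256 - bits)


def expected_work(bits: int, targets: int = 1) -> float:
    """Expected number of keys Mallory must generate before one of them
    renders the same icon as one of `targets` known icons (targeted
    preimage search; with several acceptable targets the work drops by
    a factor of `targets`)."""
    return 2 ** bits / targets


def mallory_forge(targets, bits, rng, limit):
    """Generate random 256-bit keys until one renders an identicon that is
    in `targets` (a set of ints). Returns (attempts, key) or None if
    Mallory gives up after `limit` keys."""
    for attempt in range(1, limit + 1):
        candidate = rng.getrandbits(256).to_bytes(32, "big")
        if identicon(candidate, bits) in targets:
            return attempt, candidate
    return None


def play_game(bits, rounds, contacts=1, seed=1):
    """Play Daniel's game `rounds` times.

    Bob knows the identicons of `contacts` people (constructed random keys).
    In each round Mallory works offline until she has a key whose icon Bob
    would accept as one of them. Returns the mean number of keys she needed,
    which is the cost of one successful forgery at this icon size.
    """
    rng = random.Random(seed)
    known = {identicon(rng.getrandbits(256).to_bytes(32, "big"), bits)
             for _ in range(contacts)}
    limit = 64 * 2 ** bits          # far above the expected work
    attempts = []
    for _ in range(rounds):
        result = mallory_forge(known, bits, rng, limit)
        if result is None:
            raise RuntimeError("Mallory gave up; raise `limit`")
        attempts.append(result[0])
    return statistics.mean(attempts)


if __name__ == "__main__":
    for bits in (8, 12):
        print(f"{bits}-bit icon: expected {expected_work(bits):.0f} keys, "
              f"simulated {play_game(bits, rounds=30):.0f}")
    print(f"12-bit icon, Bob has 10 contacts: expected "
          f"{expected_work(12, 10):.0f}, simulated "
          f"{play_game(12, rounds=30, contacts=10):.0f}")
```

The simulation makes Daniel's two questions concrete: Mallory's cost is about 2^bits key generations per forgery, so every extra bit of icon detail that Bob actually compares doubles her work, while every extra contact Bob would accept from halves it proportionally. Bob's error rate is the other half of the game and is not modelled here; with a perfect comparator he never rejects Alice, but a real viewer who only registers a few bits of the image is exactly the case the small `bits` values represent.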
More information about the Gnupg-users mailing list