stefan.claas at posteo.de
Fri Jun 30 20:54:32 CEST 2017
On Fri, 30 Jun 2017 20:35:48 +0200, Peter Lebbing wrote:
> On 30/06/17 20:01, Stefan Claas wrote:
> > Correct. But what I meant was an attacker would replace one of my pub
> > keys (which i signed) with one he/she only replaced with one that
> > has only the Trust Level set to Ultimate, resulting in both keys
> > showing up with a green bar.
> And to mitigate this situation, you proposed to colour ultimately
> trusted keys differently when they are used to sign a message. You
> proposed this several times in different messages.
> So let's say your key is A, it's ultimately trusted. And you verified
> someone's key and signed it; this is key B. Data signatures by key B
> show up as valid with a green background.
> Now consider the attacker. You say: he could inject key C, assign
> ultimate trust to key C and send me messages signed by key C. They
> would show up as valid. You want them to have a different colour.
> But instead of that, the attacker could also inject key C into your
> public keyring and assign ultimate trust to it, and use this key C to
> certify another key D. The attacker then sends messages signed by key
> D, and since this key is certified by an ultimately trusted key (C),
> they will show up as valid with a green background.
> As key A made data signatures by key B valid and green, key C makes
> data signatures by D valid and green. The situation is the same.
Good point! And what would be your proposal against this kind of
attack? :-) For me it is a) bad software design, with the same colors
for two different functions and b) also not good that Trust Levels can
be assigned (via third party apps) without entering my passphrase.
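
Both scenarios in this thread depend on an injected key (C) holding ultimate ownertrust. The following is an added example, not part of the original post or of GnuPG: a shell function that reads text in the `gpg --export-ownertrust` format and reports ultimately trusted keys (level 6) that are not on an allowlist. The function names, the allowlist approach and the sample fingerprints are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: flag ultimately trusted keys that are not on an allowlist.
# Input (stdin): text in the format printed by `gpg --export-ownertrust`,
#                i.e. lines "FINGERPRINT:LEVEL:" where level 6 = ultimate
#                and lines starting with '#' are comments.
# Arguments:     fingerprints you expect to be ultimately trusted (your own keys).
# Output:        one unexpected ultimate fingerprint per line; returns 1 if any.
audit_ultimate() {
    awk -F: -v allow="$*" '
        BEGIN {
            n = split(allow, a, " ")
            for (i = 1; i <= n; i++) ok[toupper(a[i])] = 1
        }
        /^#/ || NF < 2 { next }        # skip comments and blank lines
        $2 == 6 && !(toupper($1) in ok) { print toupper($1); bad = 1 }
        END { exit bad ? 1 : 0 }
    '
}

# Constructed sample data (made-up fingerprints), named after the thread's keys:
# A = the user's own key, B = a key the user certified,
# C = a key injected with ultimate ownertrust.
SAMPLE_A=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
SAMPLE_B=BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB
SAMPLE_C=CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC

sample_ownertrust() {
    cat <<EOF
# List of assigned trustvalues (constructed sample)
# (Use "gpg --import-ownertrust" to restore them)
${SAMPLE_A}:6:
${SAMPLE_B}:5:
${SAMPLE_C}:6:
EOF
}

# Real use (MY_FPR is a placeholder for your own key's fingerprint):
#   gpg --export-ownertrust | audit_ultimate "$MY_FPR"
```

On the sample, `sample_ownertrust | audit_ultimate "$SAMPLE_A"` prints key C's fingerprint and returns 1, because C is ultimately trusted but not expected to be.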