[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: the problem that destroyed PGP




Hal Finney writes, in regard to web-of-trust:

> But this is not quite right.  The fundamental fact about PGP key signatures,
> which is often misunderstood, is this:
> 
> You can only communicate securely with someone whose key is signed by a person
> you know, either personally or by reputation.
> 
> In other words, if I want to communicate with [email protected], I can only do so
> if one of the signators of his key is a person I know.  If not, I have no way
> of judging the validity of his key.

There are, however, degrees of certainty here. The only person I trust
implicitly to sign keys is myself. If I have a key which is separated from
me by more than one hop in the web of trust, but still connected to me
via a chain of signatures, I have more certainty that this key is valid
than I do for an unsigned key. Granted, if I don't know the actual signator
of a particular key, my level of trust in the key's validity is pretty
low, but it's nonzero as long as it's connected by a chain of signatures.
The ease of mounting of a man-in-the-middle attack decreases with increasing 
signature connectivity, no?

Of course, the reality is that use of totally unverified PGP keys is
widespread, even among people who are well educated on the subject. This
is not a good thing in the long run.


                                  -- Will