[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: True Names and Webs of Trust


 >> Zimmermann clearly understood all of this, but I don't think he
 >> documented it properly.  In my opinion, everyone should always
 >> think in terms of man-in-the-middle attacks when signing a public
 >> key.  Mandating "True Names" is just an overconservative approach
 >> suitable for people who don't fully understand the issue.

 wilcoxb> My point exactly.  My post "Stop Fixating on True Names" was
 wilcoxb> an attempt to clarify things to said people.

Then you didn't clarify very well; to wit:

 wilcoxb> Okay now does anyone want to do any of the above two things
 wilcoxb> to me?  If not then *don't* *worry* about whether my public
 wilcoxb> key is signed by anyone or not.  It makes zero difference to
 wilcoxb> you until such a time as one of the above motivations
 wilcoxb> acquires.

 wilcoxb> Zimmermann et al. were/are naive to emphasize the Web of
 wilcoxb> Trust as a means of introducing strangers.

The first paragraph clarifies nothing because it is dead wrong; the
second because it is arrogant, offensive, and dead wrong.

 wilcoxb> From this perspective, the Web of Trust is the soul of
 wilcoxb> public-key cryptography.  From the other perspective ("Never
 wilcoxb> ever sign a key which you got off of a bulletin board!"
 wilcoxb> warns "pgpdoc1.txt") it is a cute anachronism.

The Web of Trust is a means of thwarting active attacks;
nothing more, nothing less.  "Perspective" has nothing to do with it.

Given that active attacks are hard to explain and understand fully,
the PGP docs are correct to advocate a conservative approach to
signing keys.  Novices *should* be taught to take the Web of Trust
seriously.  (Yes, I am retracting my own statements quoted above; the
more I think about it, the more I think it is very hard to teach a
novice the details of active attacks.)

Moreover, I suspect that active attacks are more likely today than
when those docs were written, which makes their advice precisely the
opposite of an "anachronism".

Version: 2.6.2
Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface