[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Signing text messages...



In Message Wed, 23 Dec 92 13:18:54 PST,
  [email protected] (Hal Finney) writes:

>Or are you suggesting that someone else could create a bogus public
>key claiming to mine, re-sign the message using that public key, and
>then get people to think it was from me?

     Perhaps they could alter the message, use a bogus public key, and
     re-sign the message.

>But no, I wouldn't, because people would (or should) know not to trust
>a random public key to be from whom it claims.  My posted key is
>signed by Phil Zimmermann.  This doesn't absolutely prove it is from
>me, but I think it makes it worthwhile to post the key.

     I didn't realize you had included a signed key.  Minus one point
     for research.  Yes, people SHOULD know not to use a publicly posted
     key.  But do they?

>Anyway, the real reason I posted the key in this case was so that
>people could check the cleartext signature to see if it had been
>mangled by various mail gateways.  That was the topic of discussion in
>the message, so I wanted to make it easy for people to try checking
>the signature.

     Then posting your public key was clearly the right thing to do.  I
     have noticed; however, that people have posted their public key
     along with a signed message before [there was a discussion on mangled,
     signed plaintext] and thought I would mention this to anybody who
     thought they were using infallible methods or authentication.

     I must urge everybody not to accept any key from a source other then
     person to person [or using a fone call to exchange MD5 hashes] unless
     it is signed by smoebody you HAVE exchanged keys with in this way.
     I hope nobody sees a message with a public key attached to it and says,
     "Oh!  There's a key I can add to my keyring", and abandons the entire
     key-exchange method.  TTFN!


     nobody saw
DrZaphod
[AC/DC] / [DnA][HP]
[[email protected]]
Technicolorized