[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

OPIN: PGP: When to sign keys



-----BEGIN PGP SIGNED MESSAGE-----

J. Michael Diehl wrote:

    I'm having a philosophical problem regarding when to sign someone
    else's public key.

    Obviously, if you watch someone generate a key, and they physically
    hand you a copy of it, you should sign it.  Fortunately, life has
    been this good to me about 5 times.  But what if life isn't so
    good?

    Lets say someone emails me a key and the return address matches
    that of the address in the key.  Do I assume no one is spoofing
    me?

Bad idea! The danger is not especially that the person you're talking
to isn't who he says he is.  Chances are you've never met him and
never will.  The danger is that a third person is intercepting
messages and substituting his own keys.  This allows him to monitor
your encrypted traffic, which is what encryption is supposed to
prevent.

My own rule for signing keys is that there must be a key verification
independent of the net.  i.e. nothing received by e-mail can be
depended on to verify a key. If you live any distance from the other
person, the most economical method is by postal mail.  I will sign
keys when I receive a mailed photocopy of any "official" picture ID,
along with a signed statement containing the key "fingerprint" (-kvc),
which matches the fingerprint of a key received via e-mail. You can
mail a letter anywhere in the world for less than $1.00. Any "spoofer"
short of governments (at either end) or organized crime will have a
hard time intercepting much less altering letter mail.

Another possibility is a phone verification.  The person who will be
signing the key should call the owner of the key at a -listed- phone
number (use the out-of-town phone books at the library, or check with
information at (xxx)555-1212.)  Don't rely on a phone number in
e-mail; it could be the spoofer's.  Once again, though, a government
or OC could arrange to intercept/divert incoming phone calls.

I also carry business-card-size pieces of paper with my name, net
address, and key fingerprint, with me.  I give them out at parties, or
anytime I physically meet someone who is on the net.  Person's
receiving the paper can use it to verify that the key I send them via
e-mail has the same fingerprint as on the paper.  Ideally, anyone
giving you such a card should also show you a driver's license or
other picture ID, before expecting you to go home and sign his key.

Phil Zimmerman has endorsed the idea of mail and phone verification;
this is the main reason the key fingerprint feature was added to PGP.
Phil signed my key based on a phone call.  Based on mail verification
I just signed a key from Taiwan! I've also signed two keys from
Germany with mail verification.

There are those (e.g. Perry Metzker) who think this standard is too
loose.  Opinions differ.

-----BEGIN PGP SIGNATURE-----
Version: 2.3.2/EWS

iQCVAgUBLEThEt4nNf3ah8DHAQGJfgP/W85P6IEkGYkmKeFe/px0XPfMvDqTMWXA
5kJ2cTIDRdSbLqDh0VdMsUaAtDR2nkWJKCFRnXA+GEttXy31gPGq6bY/Q19U8dAq
VzNHY0o2ldzrDmp77BQo2kqTapENvIxKkXFiFAATleoLt6hMAgfejRlci/uTfG7Z
NoCwQVeac7c=
=wwV4
-----END PGP SIGNATURE-----

--
[email protected] (Edgar W. Swank)
SPECTROX SYSTEMS +1.408.252.1005  Cupertino, Ca