[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: subjective names and MITM

[email protected] writes (where I have taken the liberty of
reformatting for 80 columns):

> Now mail is far easier to fake/intercept than a digital
> signature/encryption - at least I hope so. Therefore if Hal where to
> sign all of his messages I could check the signatures with a public key
> obtained from anywhere at all and if they passed then I could be
> confident that the messages were all written by the entity with control
> of the secret part of the key - at least far more confident than I am
> at all of the mail from [email protected] actually comes from
> there. So instead of me getting the idea that [email protected]
> posts interesting messages I get the idea that the holder of the secret
> key posts interesting messages - I would probably still use the mail
> address as keys are less convenient with current mail readers but that
> is an implementation problem. Hals reputation is therefore transfered
> to they key - no matter where I got the key from. So if I send
> encrypted mail to the person with the private part of Hal's key I can
> be sure that it can only be read by the person who actually sent the
> messages pertaining to be from Hal.

Well, this is not necessarily the case.  A MITM may be signing my
messages for me, and then putting them back the way they were before I
am allowed to see them.  Granted, this would not be easy, and perhaps
the difficulty of this would be great enough that you will feel
comfortable using an unsigned key.  But if it were accomplished, then
your messages to me would actually be insecure.  No matter how
convinced you became of my sincerity and trustworthiness, actually our
conversations would be overheard by a third party despite both of our
efforts to the contrary.  Our use of encryption would be rendered
futile.  Doesn't this bother you?