Re: Certificate proposal
[email protected] writes:
> OK, but again, what about the man in the middle attack? Suppose the
> key that you found that claims to be from Bob is actually not his, but
> another one created by a man in the middle, such as Bob's malicious
> ISP?
You have several alternative means of verifying the key:
1) You can meet Bob at a local Pizza Hut and verify the key in person.
2) You can go through a variety of channels to a variety of other
trusted entities and verify with them that they're using the same key
for Bob.
3) You can set up some sorts of communications tests to "probe" for a
MITM situation, perhaps by passing through "seeded" information (data
taggants?).
> I don't want to overstate the risk of this attack. It would not be an
> easy one to mount ... The risks of MITM attacks on public key
> systems was recognized not long after those systems were proposed. The
> problems with fake keys have been discussed for over a decade.
>
> Why is this all suddenly irrelevant?
I don't think it is irrelevant, I just think it's orthogonal to the
issue of whether a certificate for a key<-->entity relationship is
considered to be the key or an adjunct to the key. I could be wrong,
of course.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally ([email protected]) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
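The second verification route listed above (cross-checking Bob's key with several independent trusted entities), as an added example that is not part of the original post; the keys, channel names and quorum value are constructed sample data:

```python
"""Cross-channel key verification (added example, not from the thread).

A public key received over an untrusted channel is fingerprinted and
compared with fingerprints reported through independent channels
(in-person meeting, other trusted parties). Any disagreeing channel is
treated as a possible substituted key (MITM) rather than ignored.
"""
import hashlib
from dataclasses import dataclass
from typing import List, Tuple


@dataclass(frozen=True)
class Attestation:
    channel: str       # constructed channel name, e.g. "in_person"
    fingerprint: str   # hex SHA-256 this channel reports for Bob's key


def fingerprint(public_key: bytes) -> str:
    """Human-comparable digest of the raw key bytes."""
    return hashlib.sha256(public_key).hexdigest()


def verify_key(received_key: bytes, attestations: List[Attestation],
               quorum: int = 2) -> Tuple[bool, List[str]]:
    """Return (ok, disagreeing_channels).

    ok is True only when at least `quorum` channels report the
    fingerprint of received_key and no channel reports a different one.
    """
    fp = fingerprint(received_key)
    agree = [a.channel for a in attestations if a.fingerprint == fp]
    disagree = [a.channel for a in attestations if a.fingerprint != fp]
    return (len(agree) >= quorum and not disagree), disagree


# Constructed sample data: Bob's real key and a key an ISP-MITM substituted.
BOB_KEY = b"-----CONSTRUCTED BOB PUBLIC KEY 0001-----"
MITM_KEY = b"-----CONSTRUCTED SUBSTITUTED KEY 9999-----"
TRUSTED = [
    Attestation("in_person", fingerprint(BOB_KEY)),
    Attestation("friend_alice", fingerprint(BOB_KEY)),
    Attestation("keyserver_b", fingerprint(BOB_KEY)),
]

if __name__ == "__main__":
    print(verify_key(BOB_KEY, TRUSTED))    # (True, [])
    print(verify_key(MITM_KEY, TRUSTED))   # every channel disagrees
```

A single disagreeing channel is enough to fail the check, since the one channel the attacker controls is exactly the one that would report the substituted key.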