[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: key for Alice as promised (not)

>On Tue, 28 Nov 1995, Adam Hupp wrote:
>> >Can you imagine??  I'm simply not willing to fool myself into thinking 
>> >that I ahve security by posting a key and using PGP.
>> Unless you can post some proof that PGP is insecure, stop insisting it is.
>Hold on a minute.  Alice is, here, 100% correct.

no, he isn't.  He isn't even using a minimal effort to prevent spoofing, and
he's blaming this on the fact that some particular piece of software (for
example, PGP) isn't absolutely foolproof. 

>If I use PGP to read messages and there's a videocamera trained on the 
>keyboard, and other people have access to the machine, PGP is not 
>secure.  Similarly, if PGP is on a computer which other people may use 
>without my supervision, they can  monitor keystrokes, etc. and PGP is not 

True but irrelevant.  This is especially true since the only purpose to
signing messages to a public area is to prevent spoofing.  If somebody does,
indeed, figure out how to break (say) a 1024-bit PGP key and "Alice" gets
spoofed, HE WILL KNOW because he will see a message with his signature that
HE KNOWS he didn't send.  At that point, he will at least be able to reduce
the number of spoofed messages to 1 before he alerts us that there is a
problem.  We won't necessarily know who to believe, of course, but we will
know that one of a number of this is probably true:

1  "Alice" is lying to us.   (by far the most likely.)

2.  Somebody actually has physical access to "Alice's" machine and is
actively using it to spoof messages.

3.  Somebody found out how to break 1024-bit PGP keys easily.  (Very
unlikely, of course.)

>A chain is only as strong as its weakest link; Alice recognizes this, and 
>makes no claim that PGP itself is the weak link. 

But "Alice" resists using ANY chain at all!