[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [local] Report on Portland Cpunks meeting



In message Wed, 24 Jan 1996 00:32:37 -0800,
  [email protected] (Lucky Green)  writes:

> How do they verify that the person confirming the fingerprint is indeed
> the person supposedly owning the key?

It is pretty hard, that is one of the reasons the web-o-trust is broken.
You can make it better by requiring the person to actually use
the key, which proves that he/she has the passphrase.

At the last key signing at the DC-area cypherpunks meeting, I told
everyone my name was Boris Badanov. Even tho the key's userid
said [email protected].

Carl Ellison suggests that the signature should have a much weaker meaning,
roughly: "The person owning the secret key associated with this public
key's tag has characteristic X." Obviously X could be "claims to be Pat"

Thus if Lucky gives me a key, I don't know what his/her real name is,
and don't care. All I have to do is see them actually sign something
I give him/her with the key.  Of course we need to rule out
man-in-the-middle attacks. For me, I would buy off on watching the
signing on a standalone laptop while I watch from accross the room.


Interesting atack: Assume there is a chain of keys, with
Lucky feeding keys to Klaus inside the laptop. I'd be signing
what I thought was Lucky's key, but it was really Klaus'.
Of course "Lucky" would have to have the secret passphrase for both
Lucky's and Klaus' keys.  It isn't clear to me if this is an
important case.

Equally questionable are tricks such as using an IR or wireless
transmitter to send my test data to another computer so that the
chain of MITM can be longer.


Pat

Pat Farrell    Grad Student      http://www.isse.gmu.edu/students/pfarrell
Info. Systems & Software Engineering, George Mason University, Fairfax, VA
PGP key available on homepage               #include <standard.disclaimer>