[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PGP security problems?

To: [email protected]
Subject: Re: PGP security problems?
From: "Robert A. Costner" <[email protected]>
Date: Thu, 03 Jul 1997 04:15:36 -0400
In-Reply-To: <[email protected]>
Sender: [email protected]


At 01:18 AM 7/3/97 EST, Carolyn Turbyfill (probably didn't) write:
>The email forgeries using bogus PGP keys to give the appearance
>that the messages are from PGP, Inc. and our employees are the
>result of a sick, twisted mind.

While a keyserver with no authentication has a very low barrier to entry
for false authentication, the barrier is not that much higher for even a
Verisign class three verification.  I've continually said that the biggest
problem with secure authentication is that secure authentication is not
possible.

I hate to see people doing such things with keyservers and keys, but we all
knew the problem existed.  I wonder where the solution is.


  -- Robert Costner                  Phone: (770) 512-8746
     Electronic Frontiers Georgia    mailto:[email protected]  
     http://www.efga.org/            run PGP 5.0 for my public key

Follow-Ups:
- Re: PGP security problems?
  - From: ? the Platypus {aka David Formosa} <[email protected]>
- Re: PGP security problems?
  - From: Hallam-Baker <[email protected]>

References:
- Re: PGP security problems?
  - From: Carolyn Turbyfill <[email protected]>

Prev by Date: http://hipcrime.home.ml.org
Next by Date: Re: PGP security problems?
Prev by thread: Re: PGP security problems?
Next by thread: Re: PGP security problems?
Index(es):
- Date
- Thread