
Re: Digital signatures

>> Yeah, I know.  It makes it hard for a second person to say that
>> they're John Doe, but it's still dead easy for one person to say
>> they are, in the first place.
>> If another person decides they're going to claim they're John Doe, make
>> a GPG/PGP key for their John Doe persona, their signed e-mails will
>> show up as being valid.  They are, the person who made *their* key
>> also made their message.  It's a different key than the other John
>> Doe, of course, but your mail &/or GPG/PGP client doesn't do that
>> sort of check.

Todd Zullinger:
> If you've got a gpg plugin for your mail that doesn't do this sort of
> check and provide a way to alert the user to the fact that the keys
> don't match, then that plugin is crap.

John Doe <johndoe example com> creates his own key, signs his messages,
publishes his key.  You receive his message, you check the key, it's

Moriarty decides to be a pain, creates an email account to masquerade as
John as well "John Doe" <johndoe example org>, creates his own key,
signs his message, publishes his key.  You receive his message, you
check its key (automatically fetched by using the ID code present in the
signed message), it confirms the message and signature go together.

That's how every co-operative mail/PGP client I've used works.  There
really is nothing that either person can do to invalidate the other key.
It'd take a war of words between the two people in a common forum for
someone else to tell them apart.  Even then, some will believe they're
the same person, just playing at trolling games.  It's common enough for
users to have multiple addresses, and they may use separate PGP keys.

I don't want to test whether a keyserver will accept being given two
different keys for the same address (e.g. Moriarty faking mails sent as
johndoe example com rather than the second address).  It's just too hard
to take things out of the system, it doesn't have a real delete
functionality.  But I suspect it will.  In the past I've submitted keys
to keyserver, and that's included two different keys that include a
common e-mail address.  A mail client wanting a key would be asking for
the key by ID not e-mail address.  It'll get the key that matches the
message they're checking.

> It's also possible that many users don't understand how to work with
> the pgp system and thus they ignore important pieces of information.
> There is some amount of work that needs to be done by each user in
> order to avoid various pitfalls.

There are some unavoidable pitfalls.

>> But have a look at the update notices.  Those are signed by the
>> person maintaining that package, I've only seen self-signed
>> messages.  None with a countersign to their signature.

> Where are those at?  I don't subscribe to the package announcement
> list and looking at the archives I didn't see any signatures, so either
> I'm not looking at what you're talking about or the list software is
> filtering the sigs.

Most aren't, I've got a few that do.  Just doing a quick search, I found
an old one, and attached it to this message.

[tim bigblack ~]$ rm -rfd /*^H^H^H^H^H^H^H^H^H^Huname -ipr
2.6.21-1.3228.fc7 i686 i386

Using FC 4, 5, 6 & 7, plus CentOS 5.  Today, it's FC7.

Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.

--- Begin Message ---
Fedora Update Notification

Product     : Fedora Core 3
Name        : system-config-printer
Version     :                      
Release     : 1                  
Summary     : A printer configuration backend/frontend combination.
Description :
The printconf utility is a printer configuration and filtration system
based on magicfilter (the alchemist data library) and the foomatic
filter system. It rebuilds local print configuration and spool
directories from data sources at lpd init time, and is integrated to
use the multi-sourced features of the alchemist data library.

Update Information:

Bug-fix release.

* Fri Jan 28 2005 Tim Waugh <twaugh redhat com>

  - Fixed LPD checkbox (bug #142978).
  - Allow digits at the start of the queue name (bug #121772).

This update can be downloaded from:

23e15ab52f2d5591972707526efffd48  SRPMS/system-config-printer-
e3d5c8599d44b6fa46e319a07e0f1b07  x86_64/system-config-printer-
c5c50bc84f959ebb89fcfee260154cc4  x86_64/system-config-printer-gui-
46c1f879b2cbf8ca597d7256e2451ea8  x86_64/debug/system-config-printer-debuginfo-
4b604588c52bfb91f76086b8cd530ced  i386/system-config-printer-
b0bfd1a281952a726bccc391a7ba6c9d  i386/system-config-printer-gui-
b578c2549b21a86f804ccd428340ea24  i386/debug/system-config-printer-debuginfo-

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  

Attachment: pgpmHUXwLXct7.pgp
Description: PGP signature

fedora-announce-list mailing list
fedora-announce-list redhat com

--- End Message ---
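Added example, not part of the original post and not any mail client's own code: a key-continuity check that runs after a signature has already verified, flagging the two cases discussed above (a second key under the same display name, and a different key for an already-seen address). The class and field names are hypothetical, the addresses follow the post's example with "@" restored, and the fingerprints are constructed.

```python
from dataclasses import dataclass
from email.utils import parseaddr


@dataclass(frozen=True)
class Verified:
    """A message whose signature already verified against the key it names."""
    from_header: str   # From: header as received
    fingerprint: str   # fingerprint of the key that made the signature


class KeyContinuity:
    """Remembers which key signed for each address and display name."""

    def __init__(self):
        self.by_addr = {}   # address -> first fingerprint seen (the pin)
        self.by_name = {}   # normalised display name -> fingerprints seen

    def check(self, msg):
        name, addr = parseaddr(msg.from_header)
        addr = addr.lower()
        name = " ".join(name.lower().split())
        warnings = []
        if addr not in self.by_addr:
            self.by_addr[addr] = msg.fingerprint
            warnings.append("first-seen")
        elif self.by_addr[addr] != msg.fingerprint:
            warnings.append("key-changed")      # the pin is kept, not replaced
        seen = self.by_name.setdefault(name, set())
        if name and seen and msg.fingerprint not in seen:
            warnings.append("name-collision")   # same name, different key
        seen.add(msg.fingerprint)
        return warnings


# Constructed sample data; every signature here is assumed cryptographically valid.
JOHN_KEY, MORIARTY_KEY, SECOND_KEY = "A" * 40, "B" * 40, "C" * 40
SAMPLE = [
    Verified("John Doe <johndoe@example.com>", JOHN_KEY),
    Verified('"John Doe" <johndoe@example.org>', MORIARTY_KEY),
    Verified("John Doe <johndoe@example.com>", JOHN_KEY),
    Verified("John Doe <johndoe@example.com>", SECOND_KEY),
]


def demo():
    store = KeyContinuity()
    return [store.check(m) for m in SAMPLE]


if __name__ == "__main__":
    for msg, warnings in zip(SAMPLE, demo()):
        print(msg.from_header, msg.fingerprint[:8], warnings)
```

A warning here is a prompt to verify the key out of band, not a verdict: a user with several addresses and separate keys triggers "name-collision" legitimately.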
