laying groundwork for an eventual migration away from SHA1 with gpg
Nicholas Cole
nicholas.cole at gmail.com
Thu May 21 12:32:14 CEST 2009
On Thu, May 14, 2009 at 2:46 PM, Micah Anderson <micah at riseup.net> wrote:
> David Shaw <dshaw at jabberwocky.com> writes:
>
>> I don't mean there are faster/easier/cheaper ways of doing this
>> mathematically. I mean boring old subterfuge like going to a
>> keysigning party with a fake ID, claiming to be someone else. I get a
>> bunch of signatures, and I'm done. It skips the whole difficult math
>> problem.
>>
>> I'm all for strong crypto protection against impersonation, but when
>> there is a non-crypto impersonation attack that has essentially the
>> same end result as a crypto impersonation attack, and the non-crypto
>> variant of the attack is vastly cheaper, faster, and easier than the
>> crypto attack, I do start to wonder what the point is of putting a
>> strong crypto defense against the crypto attack.
I've never quite understood "Key Signing Parties" for this reason. It
seems to me that OpenPGP and its web of trust provide an excellent way
to represent technically and securely trust relationships that already
exist. You can't use OpenPGP to create trust that doesn't exist
outside the system.
Best,
NC
More information about the Gnupg-devel
mailing list