back signatures
David Shaw
dshaw at jabberwocky.com
Sat Nov 5 06:08:59 CET 2005
On Sat, Nov 05, 2005 at 01:47:08PM +1030, Alphax wrote:
> David Shaw wrote:
> > On Fri, Nov 04, 2005 at 02:24:09PM -0500, David Shaw wrote:
> >
> >>On Fri, Nov 04, 2005 at 10:15:16PM +0300, Pawel Shajdo wrote:
> >>
> >>>Salve!
> >>>Can somebody explain me what is "back signatures"?
> >>>Manual not very clear about this.
> >>
> >>It's a countermeasure against an attack against signing subkeys.
> >>Basically, the primary key signs all subkeys. With backsigs, the
> >>signing subkey also signs the primary key.
> >>
> >>Without this, an attacker can "steal" a signing subkey from someone
> >>else and try and pretend that a signature came from his own key. It's
> >>not a particularly good attack: the attacker can't issue signatures to
> >>prove his ownership.
> >
> >
> > I should add that this is a new feature for 1.4.3.
> >
>
> Has 1.4.3 been officially released yet?
Not yet, no.
David
More information about the Gnupg-users
mailing list