choosing an encryption target from a User ID

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Oct 1 00:00:50 CEST 2009


On 09/30/2009 05:32 PM, Ingo Klöcker wrote:
> Hmm, AFAIU, for someone who does not blindly certify such keys this 
> shouldn't be a problem since those malicious keys wouldn't be valid and 
> thus wouldn't take preference over a valid key ... unless somebody else 
> this person trusts is trying to screw them.

The current gpg behavior is to use the first key with a matching User
ID, regardless of the validity of that User ID.  So this causes (at
best) warnings and alerts about using an invalid key or (at worst) lets
someone with marginal ownertrust abuse the user by taking precedence
over a fully-trusted certification if the keyring happens to be ordered
in a certain way.

	--dkg

PS i hear you about being paranoid and preferring to only trust my own
certifications.  but the larger pool there is of people who understand
the two simple concepts, the more comfortable i am granting trusted
individuals marginal ownertrust, and taking advantage of the WoT to
verify identities i've yet to directly verify myself.  It's way better
than trusting $DEITY-knows-who that comes pre-configured by default in
web browsers these days ;)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 891 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20090930/0b4f2f30/attachment.pgp>


More information about the Gnupg-users mailing list