On message signing and Enigmail...

Doug Barton dougb at dougbarton.us
Wed Feb 1 22:12:56 CET 2012


On 02/01/2012 13:05, gnupg at lists.grepular.com wrote:
> On 01/02/12 20:45, Robert J. Hansen wrote:
> 
>>> On the issue of signing:  I do sign my messages, and have
>>> uploaded my public keys to key servers, so they are available to
>>> check that no one has changed my message.
> 
>> Except that it doesn't.  What's to prevent me from creating a 
>> certificate with your name and email address and making posts in
>> your name, with a signature from a certificate that claims to be
>> yours?
> 
>> Nothing -- and that signature is every bit as credible as the one
>> that's from your own certificate.  You might say, "but that
>> certificate's a fraud, my certificate's real!", but the Christopher
>> Walters impersonator will say the same thing about you.  There's no
>> way to check.
> 
> Isn't this the whole point of the web of trust?

Different category of problems. But what does a large number of
signatures from people you don't know tell you more than a single key
without signatures?

> And if somebody uses the same key to sign mail repeatedly it builds a
> history and an identity.

It build the *appearance* of an identity. Did you not read Robert's
story of multiple people posting using the same key?

> It doesn't stop somebody else coming in and
> using a fake key, but that person can't successfully claim to be the
> same person who signed all the other mail. Not if the person who
> actually signed all of the historical mail still has access to that
> key and can call them out on it.

This much is true, yes.

> I've posted using the same key on probably a dozen mailing lists, I
> use it for all of my personal and work email. I use it to sign all of
> the comments on my blog. I use it to sign the front page of my
> website. There is very definite and obvious value in using the same
> key in multiple places to establish the connection between your key
> and your identity. Mailing lists are just another one of these places.

The only thing what you're doing proves is that at the time those things
were posted someone had control of the secret key, and that the messages
weren't altered after they were signed. Beyond that everything is
speculation.


Doug

-- 

	It's always a long day; 86400 doesn't fit into a short.

	Breadth of IT experience, and depth of knowledge in the DNS.
	Yours for the right price.  :)  http://SupersetSolutions.com/


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20120201/83a2d6d8/attachment-0001.pgp>


More information about the Gnupg-users mailing list