Proof of possession when exchanging keys
Ingo Klöcker
kloecker at kde.org
Fri Nov 15 23:28:12 CET 2013
On Friday 15 November 2013 11:39:30 Phil Calvin wrote:
> On Nov 15, 2013, at 11:02, "Thomas Harning Jr." <harningt at gmail.com> wrote:
> > The general practice I follow is to verify fingerprint and ID separately
> > then, in order to verify control of email address and private key, send
> > the signed ID encrypted to the provided email address.
>
> That makes perfect sense. That's the approach I took on the most recent key
> I signed.
>
> What attacks are mitigated by verifying control of the secret key, though? I
> am having a hard time grokking the benefit for someone whose ID you have
> verified to present and fingerprint a key which she does not control.
By signing the UIDs connected to a key you certify that the UIDs (most
commonly email addresses) belong to the same person. You and people trusting
your certifications could be lead into sending an encrypted message meant for
the owner of an email address not belonging to the key owner to one of the
email addresses of the key owner.
It may seem a bit far-fetched that somebody would use one of the email
addresses of the key owner instead of the email address of the intended
recipient, but a possible reason for this could be that the email address of
the intended recipient stopped working (e.g. because he changed his ISP or his
employer).
Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20131115/50d1cf1c/attachment-0001.sig>
More information about the Gnupg-users
mailing list