emails snowden and poitras

Rejo Zenger rejo at zenger.nl
Tue Oct 14 10:55:17 CEST 2014


Hi,

At <http://www.wired.com/2014/10/snowdens-first-emails-to-poitras/> 
there are some snippets of the e-mails Snowden sent to Poitras as an 
introduction. One of those e-mails says:

  "I would like to confirm out of email that the keys we exchanged were 
  not intercepted and replaced by your surveillants. Please confirm that 
  no one has ever had a copy of your private key and that it uses a 
  strong passphrase."

Of course, we don't have the full picture, but from the information that 
has been released, this seems to be surprising question: how would you 
be able to confirm that the keys are not replaced by asking to confirm 
that no one has ever had a copy of the private key? If they keys have 
been obtained by the adversary, the answer may be altered or not. In any 
case, the answer doesn't prove anything.

Of course, if Poitras would answer that her private key is in the hands 
of some other person, I expect her to have revoked to key anyways. 

So, what's the objective of Snowden, you think?

And yes, I am aware that Snowden says these steps are not bullet proof. 


-- 
Rejo Zenger
E rejo at zenger.nl | P +31(0)639642738 | W https://rejo.zenger.nl  
T @rejozenger | J rejo at zenger.nl
OpenPGP   1FBF 7B37 6537 68B1 2532  A4CB 0994 0946 21DB EFD4
XMPP OTR  271A 9186 AFBC 8124 18CF  4BE2 E000 E708 F811 5ACF
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 931 bytes
Desc: not available
URL: </pipermail/attachments/20141014/74ede16b/attachment.sig>


More information about the Gnupg-users mailing list