Tim wrote: > Tim: >>> Yeah, I know. It makes it hard for a second person to say that >>> they're John Doe, but it's still dead easy for one person to say >>> they are, in the first place. >>> >>> If another person decide they're going to claim their John Doe, make >>> a GPG/PGP key for their John Doe persona, their signed e-mails will >>> show up as being valid. They are, they person who made *their* key >>> also made their message. It's a different key than the other John >>> Doe, of course, but your mail &/or GPG/PGP client doesn't do that >>> sort of check. > > Todd Zullinger: >> If you've got a gpg plugin for your mail that doesn't do this sort of >> check and provide a way to alert the user to the fact that the keys >> don't match, then that plugin is crap. > > John Doe <johndoe@xxxxxxxxxxx> creates his own key, signs his messages, > publishes his key. You receive his message, you check the key, it's > confirmed. > > Moriarty decides to be a pain, creates an email account to masquerade as > John as well "John Doe" <johndoe@xxxxxxxxxxx>, creates his own key, > signs his message, publishes his key. You receive his message, you > check its key (automatically fetched by using the ID code present in the > signed message), it confirms the message and signature go together. > Well, keys are not automatically fetched with the OpenPGP plugin for Thunderbird. At least on my setup, I have to tell it to go get the key, and confirm the keyserver to use. This is only for keys not in the keyring. So someone using a new key for an e-mail address would show up because I would not have t he matching key in my keyring. this does require that you do not blindly download keys... > That's how every co-operative mail/PGP client I've used works. There > really is nothing that either person can do to invalidate the other key. > It'd take a war of words between the two people in a common forum for > someone else to tell them apart. Even then, some will believe they're > the same person, just playing at trolling games. It's common enough for > users to have multiple addresses, and they may use separate PGP keys. > One way that can help is if you have a web page on the server that matches your e-mail address. You can post an ASCII copy of your public key that people can use to verify your key. It does not help to verify that John Doe is a specific John Doe, but it does help you verify what key belongs to johndoe@xxxxxxxxxxxx You then set the trust level for that key higher then a key downloaded from a keyserver. (You can post the key signature and use the signature to be sure you have the correct key.) > I don't want to test whether a keyserver will accept being given two > different keys for the same address (e.g. Moriarty faking mails sent as > johndoe@xxxxxxxxxxx rather than the second address). It's just too hard > to take things out the system, it doesn't have a real delete > functionality. But I suspect it will. In the past I've submitted keys > to keyserver, and that's included two different keys that include a > common e-mail address. A mail client wanting a key would be asking for > the key by ID not e-mail address. It'll get the key that matches the > message they're checking. > Yes, you can have more then one key for an email address. You can have keys for different encryption methods, as well as keys that have different expiration dates. The key signature determines what key is used. It is also possible to find revoked keys on the key servers, so that if you get a message with the revoked key, you should get an indication that the messages was signed with a revoked key. (A good indication that the message should not be trusted... :) Mikkel -- Do not meddle in the affairs of dragons, for thou art crunchy and taste good with Ketchup!
Attachment:
signature.asc
Description: OpenPGP digital signature
