About PGP Signing a File.

Matthew Flaschen matthew.flaschen at gatech.edu
Tue Feb 13 10:42:47 UTC 2007 

Jeffrey F. Bloss wrote:
> Matthew Flaschen wrote:
> 
>> Michael R. Head wrote:
>>> On Mon, 2007-02-12 at 22:13 -0800, John L Fjellstad wrote:
>>>> Ouattara Oumar Aziz <wattazoum at gmail.com> writes:
>>>>
>>>>> That's why, when I see some people on some mailing list signing
>>>>> there mail using PGP I just wonder what they want to prove. We
>>>>> have no way to check the authority behind that key.
>>>> Authority has nothing to do with (unless you know the person).
>>>> But you can be sure that the person who claims he wrote an email
>>>> yesterday is the same person who wrote the email today if the
>>>> signature match.
>>> Correction: *reasonably sure*
>>>
>>> It's entirely possible that the guy's keys were stolen in the
>>> intervening night.
>> Also true, but that's what revocation certificates
>> (http://www.pgp.net/pgpnet/pgp-faq/pgp-faq-key-revocation.html) are
>> for. Constant vigilance.
> 
> If your keys have been compromised a revocation certificate is mostly
> useless.

Eh?  An attacker can sometimes create a false revocation certificate,
but that doesn't stop you from creating a real one.  It's true that it
won't propagate perfectly over automated systems, but you can also use
the same out-of-band communications you should have used to establish
your identity.

 In fact a nefariously created revocation certificate is one
> potential attack vector. Imagine the fun you'd have trying to
> reestablish a secure communication channel starting from scratch, when
> someone has effectively demolished the mechanism you were using to
> authenticate yourself. :(

That's true, but a totally separate issue.

> Yet another reason PGP should never be used for proof of identity...

No, you establish your identity (i.e. tie a real-world identity to a
given key) separately (in person), then use PGP to show that key is the
source of a message.

All security mechanisms are vulnerable if you lose the secret.  So,
don't do that then.  PGP is not unique, and is better than most because
you're not supposed to share a secret with anyone (unlike e.g. passwords).

Matthew Flaschen

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20070213/27f25a92/attachment.sig>

More information about the ubuntu-users mailing list