Re: key for Alice as promised (not)
On Tue, 28 Nov 1995, Adam Hupp wrote:
Can you imagine?? I'm simply not willing to fool myself into thinking that I have security by posting a key and using PGP.
Unless you can post some proof that PGP is insecure, stop insisting it is.
Hold on a minute. Alice is, here, 100% correct.
No, he isn't. He isn't even using a minimal effort to prevent spoofing, and he's blaming this on the fact that some particular piece of software (for example, PGP) isn't absolutely foolproof.
If I use PGP to read messages and there's a videocamera trained on the keyboard, and other people have access to the machine, PGP is not secure. Similarly, if PGP is on a computer which other people may use without my supervision, they can monitor keystrokes, etc. and PGP is not secure.
True but irrelevant. This is especially true since the only purpose to signing messages to a public area is to prevent spoofing. If somebody does, indeed, figure out how to break (say) a 1024-bit PGP key and "Alice" gets spoofed, HE WILL KNOW because he will see a message with his signature that HE KNOWS he didn't send. At that point, he will at least be able to reduce the number of spoofed messages to 1 before he alerts us that there is a problem. We won't necessarily know who to believe, of course, but we will know that one of a number of these is probably true:
1. "Alice" is lying to us. (by far the most likely.)
2. Somebody actually has physical access to "Alice's" machine and is actively using it to spoof messages.
3. Somebody found out how to break 1024-bit PGP keys easily. (Very unlikely, of course.)
A chain is only as strong as its weakest link; Alice recognizes this, and makes no claim that PGP itself is the weak link.
But "Alice" resists using ANY chain at all!
-----BEGIN PGP SIGNED MESSAGE-----

Hello Jon Lasser <jlasser@rwd.goucher.edu> and jimbell@pacifier.com (jim bell) and cypherpunks@toad.com

jim bell wrote:
On Tue, 28 Nov 1995, Adam Hupp wrote: ...
One reason why Alice might not want to use PGP would be that possession of the secret key would be ipso facto evidence that he is Alice. ...
spoofed, HE WILL KNOW because he will see a message with his signature that HE KNOWS he didn't send. At that point, he will at least be able to reduce the number of spoofed messages to 1 before he alerts us that there is a problem. We won't necessarily know who to believe, of course, but we will ...
Who to believe: at that stage, Alice will simply cease to exist. The key will be revoked and Alice will be no more. A new Alice may or may not arise, but no-one will know if it's the same one. If Alice is afraid of loss of identity (as if he had one now), he could have a permanent key at home (where he does his OTP work), and on his e-mail machine have only a temporary key. When the key on the public machine is compromised, it is revoked and a new one is issued. (The same can be done with real-name keys, BTW; viz my own key.) ...
3. Somebody found out how to break 1024-bit PGP keys easily. (Very unlikely, of course.) ...
In this case I think we are all stuffed.

Adiau'
Jiri
- --
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBML2cAyxV6mvvBgf5AQFU7wP/ap/HA2SzMfRoM+5Rihw+j9RHC7aZNCtq
ZcUbXJRVXA2iDZfTE/vd5NgYDxEflyb9FwcGd8MZ8s0pxmee/iqEx3YXI0M2b7gL
HOex526hifweAQmaPoSQLWqiN4XVZ51XVBvKOJos/9eOX9FAZDRQZd6KFBaSqIcc
ZpzQ54NLm0g=
=BLPi
-----END PGP SIGNATURE-----
participants (2)
- jimbell@pacifier.com
- Jiri Baum