<As excerpted from Julf (admin@anon.penet.fi)
Richard Childers writes:
It is the user's job to hide his or her identity, but it should not be the programmer's responsibility to anticipate the user's failure to think at all. Someone who uses these tools without understanding the principles upon which they are founded - such as people whom accept keys from individuals whom are only electronically known - will quickly founder upon their own, um, state of stupor, and one should not undertake to protect them from this, as what you are pro- -tecting them from, in reality, is the opportunity to learn from their mistakes.
As wary as I am of expressing my ignorance, I'll give it a shot... I'm new to the Cypherpunks list and I'm just curious, is it going against the principles of PGP to "accept keys from individuals whom are only electronically known"? (if so, I guess I'm in a state of stupor) Most of my dealings on the internet are internet-exclusive, that is, I never meet the people with whom I communicate. With the exception of some locals, computer social life in FL, USA is pretty non-existant. I wish my communications to be secure and I believe that PGP is the best way and I will never have the opportunity to meet the people I talk to in Kansas or in New York (both places, I hope I never visit). If meat-relations are the only secure way I'm supposed to communicate, then I guess I'll have to use carrier pigeons. :) DISCLAIMER: Of course, I could be taking this TOTALLY out of context, and in that case this message should read: Hey, I really like this list... It's intellectually stimulating and a clearly positive influence on my life. How's the weather in Europe? I'm not trying to be argumentative, I just have serious questions about the keeping of public keys... here's another one... couldn't we assign one at birth... it'd be better than a social security number (dunno what you use in Europe), but a whole lot harder to remember... ALSO: We Mac users are wondering when MacPGP 2.1 will be out? Anyone have any contact info? thanks for reading my words. +-------Matt-Willis--------------------------------+ | Matt Willis ASTMWILL@STETSON.BITNET | elsewhere: | Matt Willis Head of the Underground | mwill@mindvox.phantom.com | Matt Willis Robotech PBM List | +-------Matt-Willis--------------------------------+ "Absolutely alone in awareness of the mechanism." -Agrippa by WG
Matt, You posted some very good questions. The reason why it is "unacceptable" to accept keys electronically is that you may be vulnerable to spoofing. Okay, in reality, you have to realize that attacking cryptographic protocols is a paranoid view of things, and that you may not be attacked, but... if you send your public key to somebody, it could be possible for someone to eavesdrop, grab your key, substitute their own, and send that one along. Then when someone responds to "you", the eavesdropper could read the message, re-encrypt it with the public key they stole, and send it along to you. Then, you don't even know you are the victim of eavesdropping. Anyway, it all boils down to validating the keys you receive. Which makes it tough unless you can meet people face to face. However, the latest version of pgp contains an option which computes the md5 hash of your public key - which allows you to call someone, and read each others hashes, thus completing the verification over the phone. Of course, now you have to worry about receiving their correct phone number... :-) /-----------------------------------\ | Karl L. Barrus | | barrus@tree.egr.uh.edu (NeXTMail) | | elee9sf@menudo.uh.edu | \-----------------------------------/
participants (2)
-
Karl L. Barrus -
Matt Willis