PGP security problems?
Robert A. Costner
pooh at efga.org
Thu Jul 3 01:30:46 PDT 1997
At 01:18 AM 7/3/97 EST, Carolyn Turbyfill (probably didn't) write:
>The email forgeries using bogus PGP keys to give the appearance
>that the messages are from PGP, Inc. and our employees are the
>result of a sick, twisted mind.
While a keyserver with no authentication has a very low barrier to entry
for false authentication, the barrier is not that much higher for even a
Verisign class three verification. I've continually said that the biggest
problem with secure authentication is that secure authentication is not
possible.
I hate to see people doing such things with keyservers and keys, but we all
knew the problem existed. I wonder where the solution is.
-- Robert Costner Phone: (770) 512-8746
Electronic Frontiers Georgia mailto:pooh at efga.org
http://www.efga.org/ run PGP 5.0 for my public key
More information about the cypherpunks-legacy
mailing list