1994-03-29 - Re: Very funny, Polyanna :-( [namespace pollution]

Header Data

From: gtoal@an-teallach.com (Graham Toal)
To: karn@qualcomm.com
Message Hash: f12ba4cf017bb290f9c03b515749f497f8fae9db1e5aa05bfc4515971dda7851
Message ID: <199403291734.SAA20964@an-teallach.com>
Reply To: N/A
UTC Datetime: 1994-03-29 17:36:13 UTC
Raw Date: Tue, 29 Mar 94 09:36:13 PST

Raw message

From: gtoal@an-teallach.com (Graham Toal)
Date: Tue, 29 Mar 94 09:36:13 PST
To: karn@qualcomm.com
Subject: Re: Very funny, Polyanna :-( [namespace pollution]
Message-ID: <199403291734.SAA20964@an-teallach.com>
MIME-Version: 1.0
Content-Type: text/plain


:Isn't this really just a special case of the more general problem of
:deciding which keys on a public key ring you're willing to trust?
:Perhaps your mailer script should automatically encrypt only when a
:keyid is found with a signature trail that you trust.

No, that's a totally separate problem.  What I'm worried about is
some comedian publishing a public key for addresses like
"alt.security.pgp@cs.utexas.edu" or any of the common mailing
gateways, and suddenly people using auto-encrypting mail programs
find that no-one can read their posts.

It kind of throws a spanner in the works for completely transparent
pgp shells.

:I do see a signature for that key from Miron Cuperman. Perhaps
:you'd want to modify your trust parameters for him...

That's not the point; someday soon people will be using mailers
that auto-pgp without them even realising it.  I don't want to
have to hassle those people with interactive questions about whether
they trust someone, or force them to maintain personal lists of
bad addresses.

Whatever solution we can find will have to involve active support
from the keyservers I suspect.  thoth@netcom - I hope you're
listening to this!  There's a definite problem of a denial-of-service
attack here that the current scheme makes hard to avoid.  Hence why
I called it 'namespace pollution' in the subject line.

G





Thread