From: “Patrick J. LoPresti” <patl@eiffel.lcs.mit.edu>
To: Bryce Wilcox <wilcoxb@nagina.cs.colorado.edu>
Message Hash: 9a5e00fd4fbca65971ec6f60d0a48ca4476693670b0632c3c9f0dd58cab3fb37
Message ID: <199508222317.TAA09558@eiffel.lcs.mit.edu>
Reply To: <199508221446.KAA00931@skyclad.lcs.mit.edu>
UTC Datetime: 1995-08-22 23:17:39 UTC
Raw Date: Tue, 22 Aug 95 16:17:39 PDT
Subject: Re: True Names and Webs of Trust
-----BEGIN PGP SIGNED MESSAGE-----
>> Zimmermann clearly understood all of this, but I don't think he
>> documented it properly. In my opinion, everyone should always
>> think in terms of man-in-the-middle attacks when signing a public
>> key. Mandating "True Names" is just an overconservative approach
>> suitable for people who don't fully understand the issue.

wilcoxb> My point exactly. My post "Stop Fixating on True Names" was
wilcoxb> an attempt to clarify things to said people.

Then you didn't clarify very well; to wit:

wilcoxb> Okay now does anyone want to do any of the above two things
wilcoxb> to me? If not then *don't* *worry* about whether my public
wilcoxb> key is signed by anyone or not. It makes zero difference to
wilcoxb> you until such a time as one of the above motivations
wilcoxb> acquires.

wilcoxb> Zimmermann et al. were/are naive to emphasize the Web of
wilcoxb> Trust as a means of introducing strangers.

The first paragraph clarifies nothing because it is dead wrong; the
second because it is arrogant, offensive, and dead wrong.

wilcoxb> From this perspective, the Web of Trust is the soul of
wilcoxb> public-key cryptography. From the other perspective ("Never
wilcoxb> ever sign a key which you got off of a bulletin board!"
wilcoxb> warns "pgpdoc1.txt") it is a cute anachronism.

The Web of Trust is a means of thwarting active attacks;
nothing more, nothing less. "Perspective" has nothing to do with it.

Given that active attacks are hard to explain and understand fully,
the PGP docs are correct to advocate a conservative approach to
signing keys. Novices *should* be taught to take the Web of Trust
seriously. (Yes, I am retracting my own statements quoted above; the
more I think about it, the more I think it is very hard to teach a
novice the details of active attacks.)

Moreover, I suspect that active attacks are more likely today than
when those docs were written, which makes their advice precisely the
opposite of an "anachronism".
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface
iQCVAwUBMDpleHr7ES8bepftAQE0KgQAoAg5QeXwbtZzKMliNH63f3Ewvxz1g8gR
vlTPwZ8YRWANxFFbhN03DMo6HQI78f/8VnbvOB8osZz/aLQgmyuw6Q201vfHbbtu
gKpfLBPLu/Cl2JEk6FK58IYyvrTPZ7XKfp80LoRIby/pSU2uL7K2+7vfjGWGvjvY
V9s9mJUCGN8=
=OBD5
-----END PGP SIGNATURE-----
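The point the reply makes (the Web of Trust exists to thwart active attacks on key distribution, and an unsigned key pulled off a bulletin board tells the reader nothing about whether it was substituted in transit) can be shown concretely. The following simulation is an added example and is not part of the message above, nor code from PGP or Mailcrypt. It assumes textbook RSA with tiny fixed primes as a stand-in for a real signature scheme (constructed for illustration, not secure), and the party names Alice, Carol and Mallory are invented: Carol is an introducer whose key Alice already holds through an untampered channel, and Mallory is an active attacker who replaces the key posted under Bryce's name.

```python
from __future__ import annotations

import hashlib
from dataclasses import dataclass, field

# Tiny fixed primes, constructed for this example only (textbook RSA, NOT secure).
PRIME_PAIRS = [(1000003, 1000033), (1000037, 1000039), (1000081, 1000099)]
E = 65537


@dataclass(frozen=True)
class PublicKey:
    n: int
    e: int


@dataclass
class Party:
    name: str
    pub: PublicKey
    d: int  # private exponent; never leaves the Party


def make_party(name: str, primes: tuple[int, int]) -> Party:
    p, q = primes
    n, phi = p * q, (p - 1) * (q - 1)
    return Party(name, PublicKey(n, E), pow(E, -1, phi))


def _digest(subject_name: str, subject_pub: PublicKey, n: int) -> int:
    # Hash the binding "this name <-> this key" and reduce it below the signer's modulus.
    data = f"{subject_name}|{subject_pub.n}|{subject_pub.e}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def certify(signer: Party, subject_name: str, subject_pub: PublicKey) -> int:
    """A key signature: signer vouches that subject_name owns subject_pub."""
    return pow(_digest(subject_name, subject_pub, signer.pub.n), signer.d, signer.pub.n)


def verify_cert(signer_pub: PublicKey, subject_name: str, subject_pub: PublicKey, sig: int) -> bool:
    return pow(sig, signer_pub.e, signer_pub.n) == _digest(subject_name, subject_pub, signer_pub.n)


@dataclass
class Posting:
    """What a reader finds on the bulletin board: a name, a key, and any key signatures."""
    name: str
    pub: PublicKey
    certs: dict[str, int] = field(default_factory=dict)  # signer name -> signature


def accept_naive(posting: Posting) -> bool:
    # "Don't worry about whether the key is signed": take the posting at face value.
    return True


def accept_web_of_trust(posting: Posting, introducers: dict[str, PublicKey]) -> bool:
    """Accept only if a key we already trust has certified this name/key binding."""
    return any(
        signer in introducers and verify_cert(introducers[signer], posting.name, posting.pub, sig)
        for signer, sig in posting.certs.items()
    )


def run_scenarios() -> dict[str, bool]:
    bryce, carol, mallory = (make_party(n, p) for n, p in zip(["Bryce", "Carol", "Mallory"], PRIME_PAIRS))
    # Alice obtained Carol's key earlier over a channel the attacker could not tamper with.
    alice_introducers = {"Carol": carol.pub}

    genuine = Posting("Bryce", bryce.pub, {"Carol": certify(carol, "Bryce", bryce.pub)})
    # Active attack: the posted key is replaced by Mallory's. She can sign it with her
    # own key, but cannot produce Carol's signature over her key.
    substituted = Posting("Bryce", mallory.pub, {"Mallory": certify(mallory, "Bryce", mallory.pub)})
    # Copying Carol's signature from the genuine posting does not help either: it was
    # computed over a different key and will not verify.
    copied_cert = Posting("Bryce", mallory.pub, dict(genuine.certs))

    return {
        "naive_accepts_genuine": accept_naive(genuine),
        "naive_accepts_substituted": accept_naive(substituted),
        "wot_accepts_genuine": accept_web_of_trust(genuine, alice_introducers),
        "wot_accepts_substituted": accept_web_of_trust(substituted, alice_introducers),
        "wot_accepts_copied_cert": accept_web_of_trust(copied_cert, alice_introducers),
    }


if __name__ == "__main__":
    for label, accepted in run_scenarios().items():
        print(f"{label}: {accepted}")
```

The naive policy accepts both postings, because it has no way to tell them apart; the Web-of-Trust policy accepts the genuine posting and rejects both substituted ones. Note what the check does not do: it says nothing about Bryce's "true name", only that a key Alice already trusts has vouched for the binding she is looking at, which is exactly the man-in-the-middle question the reply says a signer should be thinking about.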