1996-11-15 - [CRYPTO] web-of-trust, signatures, and anonymity

Header Data

From: Ted Garrett <teddygee@visi.net>
To: CypherPunks Mailing List <cypherpunks@toad.com>
Message Hash: 5e5ba249bf3ed4d54bb7d78ff6a2a75fe1657d1bf6269e79a8db080c47242848
Message ID: <Pine.LNX.3.95.961115010358.1916C-100000@tgrafix.livesys.net>
Reply To: N/A
UTC Datetime: 1996-11-15 06:48:24 UTC
Raw Date: Thu, 14 Nov 1996 22:48:24 -0800 (PST)

Raw message

From: Ted Garrett <teddygee@visi.net>
Date: Thu, 14 Nov 1996 22:48:24 -0800 (PST)
To: CypherPunks Mailing List <cypherpunks@toad.com>
Subject: [CRYPTO] web-of-trust, signatures, and anonymity
Message-ID: <Pine.LNX.3.95.961115010358.1916C-100000@tgrafix.livesys.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----


Ok, People...

Let's say that I receive a message via a mailing list from an entity.

This message is signed with a PGP public key.  Being that I am
interested in some of the ideas proposed by this entity, I respond to
the message, but I fat-finger my mailer and it sends out the message
unsigned.  However, my .signature is reasonably automated and my
public key id is included there.

I obtain the the public key associated with the original entity from
the keyservers and the signature verifies, but the key on the servers
is not signed.

Concurrently, I receive a message in response to a message I sent to
this entity, which comes to me encrypted with my public key and signed
with the private key paired off to the public key I obtained for
this entity from a keyserver.

Being a believer in anonymity, I feel that whatever person, machine,
or thing which placed the key on the keyserver and kindly responded to
my message is reasonably expected to be the owner of the private key
associated with the public key I obtained.  Is this a fallacy?

Am I wrong to sign the public key I got from the keyserver and return
said key to the address purported to be the entity of ownership?  What
the entity does with the signature is, in my opinion up to it.

Is it unrealistic to assign the probability of two entities being able
to generate signatures for the same public key as close to zero?
(consider that this is a 2047 bit key)

Am I opening myself to attacks?  By this, I mean to ask whether
or not MY key is in any way possibly compromised in the exchange
described.

I keep a separate and 'unpublished' keypair to be used for physically
met individuals.  The public key of this keypair is NEVER sent by any
means other than physically.  This key signs only the keys of the
people I meet in person or have extensive telephone conversations
with.  While people who recieve the signature of this key also get a
copy of it, I only distribute this key to those I trust not to
disseminate it further.

- ---
"Obviously, the US Constitution isn't perfect, but
it's a lot better than what we have now." - Unknown
PGP key id - 0xDEACDFD1 - Full key available from
pgp-public-keys@pgp.mit.edu


-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: cp850

iQEVAwUBMowSJc1+l8EKBK5FAQEg2Af/agcalrlyDK+Ku+Qq7cnODOJjFIcsDAjh
LLuA6KG2DeDQUiAH72uL5WgdiHQaZroAhqRsFGDic3zmc0YGDQkI4W2KTTsVFi08
ubcX9JCnOGuDWxLIwvBdCX/FxDsPyrhTeEUNjjkXp+5k+BdxzLTfbUgbnLgM/BGJ
wD3Bq+evmTr86ul0SLUs3KL5h0488LhalPYTKtm9hdO9f3K01kz5W+FLUK3lXKJb
YH2e2Ob2Nr/uSH6ElluSMVGtU09i+s40uloqokzAyB7NuTStSCupqUw0nHQKFIY7
Or8uwmZF6c7ivtacstViZ7/6xM0km7wmoyWsee3gxe63LH/Mqr25/A==
=0HFl
-----END PGP SIGNATURE-----





Thread