[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Trust and public keys (was: S/MIME with OpenSSL?)
|
From: |
Jens Lechtenboerger |
|
Subject: |
Trust and public keys (was: S/MIME with OpenSSL?) |
|
Date: |
Sat, 14 Nov 2015 16:37:13 +0100 |
|
User-agent: |
Gnus/5.130014 (Ma Gnus v0.14) Emacs/25.0.50 (gnu/linux) |
On 2015-11-13, at 18:55, Uwe Brauer wrote:
> - PGP creates a net of trust: there are key servers where you can
> upload your public keys so that it can be signed by people you
> trust. As a rule of the thumb: one should trust a public key if
> its signed by somebody one trusts or if this is not the case,
> trust a key which has a lot of signatures.
The number of signatures does not tell much. Attackers can create
as many as they like.
> One should never just
> use a public key which has been sent to him/her, since one cannot
> trust it.
That depends on the scenario. If I know your “real” e-mail address,
it does not hurt if I use a public key for that e-mail address that
I just “found” (e-mail, key server, homepage).
If an attacker, say Mallory, created that key in your name, Mallory
would need to intercept all e-mails encrypted under that forged key
and replace them with e-mails encrypted to your real key (or
plaintext ones) to go undetected. I don’t think that ordinary human
beings need to care about attackers of such power.
Of course, if they did care, all they would need to do is verify key
fingerprints via some out-of-band channel. No signatures required,
but admittedly beyond the reach of “illiterate” users.
(Besides, attackers that are able to replace encrypted e-mails should
also be able to create S/MIME certificates for other people’s e-mail
addresses.)
> - SMIME has a hierarchical model: there are a dozen or so
> certificate authorities (CA) which can sign keys.
The color map at [0] shows about 650 of them.
> Keys signed by these authorities have to be trusted 100 \%.
Do you realize what you just said? With CAs, the positive term
“trust” is misused to hide something else. “Having to trust” just
does not make sense.
I don’t trust CAs, for good reasons. Trust has to be earned.
PKIs fail with the weakest link, and there are too many examples of
broken links [1, 2, 3, 4, 5].
> All software mail programs I listed are configured such
> that public keys signed by these authorities are
> trusted.
Please, do not misuse the term “trust”. I wrote about that in some
detail elsewhere [6].
Best wishes
Jens
[0] https://www.eff.org/files/colour_map_of_cas.pdf
[1]
http://www.h-online.com/security/news/item/Trustwave-issued-a-man-in-the-middle-certificate-1429982.html
[2]
https://blog.mozilla.org/security/2013/12/09/revoking-trust-in-one-anssi-certificate/
[3]
https://googleonlinesecurity.blogspot.com/2014/07/maintaining-digital-certificate-security.html
[4]
http://googleonlinesecurity.blogspot.de/2015/03/maintaining-digital-certificate-security.html
[5]
https://googleonlinesecurity.blogspot.com/2015/09/improved-digital-certificate-security.html
[6] https://blogs.fsfe.org/jens.lechtenboerger/2013/12/23/openpgp-and-smime/
- S/MIME with OpenSSL?, Jens Lechtenboerger, 2015/11/08
- Message not available
- Re: S/MIME with OpenSSL?, Adam Sjøgren, 2015/11/10
- Re: S/MIME with OpenSSL?, Uwe Brauer, 2015/11/11
- Re: S/MIME with OpenSSL?, Adam Sjøgren, 2015/11/11
- Re: S/MIME with OpenSSL?, Uwe Brauer, 2015/11/12
- Re: S/MIME with OpenSSL?, Adam Sjøgren, 2015/11/12
- Re: S/MIME with OpenSSL?, Uwe Brauer, 2015/11/13
- Trust and public keys (was: S/MIME with OpenSSL?),
Jens Lechtenboerger <=
- Re: Trust and public keys, Uwe Brauer, 2015/11/16
- Re: Trust and public keys, Jens Lechtenboerger, 2015/11/16
- Re: Trust and public keys, Uwe Brauer, 2015/11/18
- Re: Trust and public keys, Jens Lechtenboerger, 2015/11/19
- [smime and gpg] (was: Trust and public keys), Uwe Brauer, 2015/11/22
- Re: Trust and public keys, Uwe Brauer, 2015/11/16
- Re: S/MIME with OpenSSL?, Peter Münster, 2015/11/12
- Re: S/MIME with OpenSSL?, Uwe Brauer, 2015/11/13