[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: PoP & Signer's User ID subpacket?
Jon Callas <jon@xxxxxxxxxx> writes:
> On 6/17/03 8:02 AM, "Derek Atkins" <warlord@xxxxxxx> wrote:
>
> >
> > Sure, this is fine... Theoretically the real key owner should have
> > access to both private keys at the same time, so this shouldn't be an
> > issue. Using a subpacket is fine. I still belive this is a MUST ;)
>
> I'm happy with any suitable solution, but I have a grumbly thing to add in.
>
> The general case of this is something we've called "signature stealing" and
> is always possible in a system that involves administrative processes. All
> you have to do is take someone else's signing key and start shopping around
> for someone who is careless enough (or bribable enough) to certify it. You
> can then claim that you made any signature made by the victim of that
> attack.
How does this attack work if the signature subkey _REQUIRES_ cross
certification? If I wanted to assume your signature key, how am I
supposed to get your signature subkey to sign my primary key in order
to perform the (to-be-required) cross-certification?
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@xxxxxxx PGP key available