[jdev] Re: JEP-0027 (OpenPGP) implementation question
norman at rasmussen.co.za
Sun Mar 5 14:04:59 CST 2006
On 3/5/06, Remko Troncon <remko at el-tramo.be> wrote:
> On 05 Mar 2006, at 18:26, Norman Rasmussen wrote:
> > No, as I said: """as Michal pointed out any exchange of pgp/gpg keys
> > in-band will be insecure. (e.g. using the same tcp connection). The
> > keyservers are the 'right' place to store and get this information."""
> Retrieving keys from a keyserver is equally unsecure. I think there's
> a mixup between the issue of automatically exchanging keys, and
> actually asserting that the key is valid. The former requires no
> security at all and can therefore be automated, the latter requires
> extensive checking.
Agreed, gpg/pgp keys are 'supposed' to be inheriently strong, and
therefore no automatic retrieval/exchange should even/ever be done,
If people want to implement automatic key exchange, they should be
looking to implement JEP-0116 - it's actually far safer in terms of
not being able to add and remove messages from conversations,
additionally if the private key is ever compromised, then the messages
can not be read.
In fact anyone wanting to implement encrypted communications in their
clients should be implementing JEP-0116, and _not_ JEP-0027 - is
backwards compatability with older clients a good enough reason to
implement something that's tricky to set up and get working with
contacts on your roster?
- Norman Rasmussen
- Email: norman at rasmussen.co.za
- Home page: http://norman.rasmussen.co.za/
More information about the JDev