[JDEV] PGP / Public Key retrieval

Max Horn max at quendi.de
Tue Oct 10 11:05:53 CDT 2000

At 11:43 Uhr -0400 10.10.2000, Peter Millard wrote:
>I've already looked at dealing w/ PGP inside of Winjab and have thought
>about this and discussed it at some length w/ jer + others..
>The big IMPORTANT thing about passing keys around is "authenticity" of the
>actual key. This is the entire reason that key servers exist... so that just
>'anyone' can't send you a public key since you have no way of "knowing" that
>the other "end" of the Jabber connection isn't a hacker/spoofer/etc..
>The Public key servers are "trusted authorities" so that we both trust the
>server, thus, we can "safely" exchange public keys with it.
>IMO, the ONLY way that a Jabber client should fetch keys is by doing it
>through an existing public key server.. or force the user to use the PGP/GPG
>key utilities to find the key first, and just use the existing key ring.
>Temas - am I on the right track here?? :) We talked about this @ OSS and
>this is what I remember from that discussion.

I completely disagree! Keyservers are *not* "trusted authorities"!
You misunderstood the PGP principle IMHO.

Keyservers can be victims of spoof attacks etc. just like anyone else.
In addition, anyone can put a key on a keyserver, faked as well as
real keys. (Faked meaning: they bear an email address that doesn't
match the real creator.)

The only two ways to validate a key are 1) you get the key from
someone you can trust in a *physical* way (e.g. on a disk) or 2)
the key is signed by some (or better, more) keys which are already
trusted by you. This is how CAs work: they sign your key (marking it
as trusted & valid) only when you can physically prove it is yours.
Since you have the public key of the CA you can be sure other keys
signed by that CA are valid (whether you trust them is something else, but
you can be sure the email/name on the key are correct).


Max Horn
International C/C++/Internet Development

email: <mailto:max at quendi.de>
   web: <http://www.quendi.de>
phone: (+49) 2621-188947
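The validation rule Max describes (a key is valid only if it was obtained physically or carries a signature from a key you already trust, and a keyserver is just a dumb store) can be written down as a small checker. The following is an added example, not code from the JDev thread or from any Jabber client; it stands in Ed25519 (Go's `crypto/ed25519`) for PGP's signature algorithms, models a key signature as a signature over the binding of user ID to public key, and uses constructed `@example.invalid` addresses. `KeyRing`, `Certify` and `Scenario` are names chosen for this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Certification models a PGP key signature: the holder of SignerID vouches
// that the user ID on a key really belongs to the holder of that public key.
type Certification struct {
	SignerID  string
	Signature []byte
}

// Key models a PGP public key with its self-declared user ID (name/e-mail).
// The user ID is just a claim: anyone can put any address on a key.
type Key struct {
	UserID string
	Public ed25519.PublicKey
	Certs  []Certification
}

// certData is the message a certifier signs: the binding of user ID to key.
func certData(k Key) []byte {
	return append([]byte(k.UserID+"\x00"), k.Public...)
}

// Certify appends a certification of k made with signerPriv, labelled as
// coming from signerID (the label is also just a claim, checked in Validate).
func Certify(k *Key, signerID string, signerPriv ed25519.PrivateKey) {
	k.Certs = append(k.Certs, Certification{
		SignerID:  signerID,
		Signature: ed25519.Sign(signerPriv, certData(*k)),
	})
}

// KeyRing holds keys whose validity was established out of band
// (e.g. handed over on a disk in person), indexed by user ID.
type KeyRing map[string]ed25519.PublicKey

// Validate accepts k only if (1) the ring already holds the identical key
// under the same user ID, or (2) one of k's certifications verifies under a
// key from the ring. A key that merely arrived from a keyserver with a
// plausible e-mail and no trusted certification is rejected: the keyserver
// is not an authority, and a certification labelled with a trusted name
// but made by some other key is worthless.
func (r KeyRing) Validate(k Key) bool {
	if pub, ok := r[k.UserID]; ok && pub.Equal(k.Public) {
		return true
	}
	for _, c := range k.Certs {
		signer, ok := r[c.SignerID]
		if !ok {
			continue // signed by nobody we trust
		}
		if ed25519.Verify(signer, certData(k), c.Signature) {
			return true
		}
	}
	return false
}

// Scenario is a constructed walk-through: a trusted CA key, a genuine key
// certified by the CA, a forged key bearing the same e-mail as found on a
// keyserver, and the same forged key with a certification that claims to be
// the CA's but was made with the forger's own key.
// It returns (genuineValid, forgedValid, forgedWithFakeCertValid).
func Scenario() (bool, bool, bool) {
	caPub, caPriv, _ := ed25519.GenerateKey(rand.Reader)
	ring := KeyRing{"ca@example.invalid": caPub} // obtained physically

	alicePub, _, _ := ed25519.GenerateKey(rand.Reader)
	alice := Key{UserID: "alice@example.invalid", Public: alicePub}
	Certify(&alice, "ca@example.invalid", caPriv)

	malloryPub, malloryPriv, _ := ed25519.GenerateKey(rand.Reader)
	forged := Key{UserID: "alice@example.invalid", Public: malloryPub}

	fakeCert := forged // copy; Certs is still nil here
	Certify(&fakeCert, "ca@example.invalid", malloryPriv)

	return ring.Validate(alice), ring.Validate(forged), ring.Validate(fakeCert)
}

func main() {
	g, f, c := Scenario()
	fmt.Printf("genuine key valid: %v\n", g)
	fmt.Printf("forged keyserver key valid: %v\n", f)
	fmt.Printf("forged key with fake CA cert valid: %v\n", c)
}
```

The only inputs the checker trusts are the ring contents and the mathematics of signature verification; the e-mail on a key and the signer label on a certification are treated as unverified claims, which is the point of the thread.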
