[Standards-JIG] UPDATED: JEP-0027 (Current Jabber OpenPGP Usa ge)

Justin Karneges justin-keyword-jabber.093179 at affinix.com
Wed Mar 17 21:27:44 UTC 2004


On Wednesday 17 March 2004 6:32 am, Jacek Konieczny wrote:
> On Wed, Mar 17, 2004 at 02:35:52AM -0800, Justin Karneges wrote:
> > However, if one key in a keyring has a prefixed JID and another key does
> > not, should the client simply go with the prefixed key, or should it
> > prompt the user to choose between the two matches?
> >
> > I think if most people don't use the prefix, then the attacker could
> > prefix his spoofed JID to gain priority and bypass any user prompting.
>
> User should be warned if untrusted key is used for signature
> verification or encryption. If both keys are trusted one of them could
> be prefered and choosen without asking the user. If the key to be used
> is untrusted, then the user has to be asked about it anyway.

Is it possible for the key user-id fields to slip past the view of the pgp 
user, if the key is already trusted?  For instance, what if the key validates 
via the web-of-trust, or if the user has already explicitly signed the key 
earlier and now blindly accepts updates?

If the user must hand check every key that goes into his keyring, even updated 
keys, then there is no problem.

-Justin



More information about the Standards mailing list