Re: Reflections on Trusting Trust

From: Peter Jeremy (PeterJeremy_at_optushome.com.au)
Date: 11/27/05

  • Next message: Wesley Shields: "Re: Reflections on Trusting Trust"
    Date: Mon, 28 Nov 2005 05:21:16 +1100
    To: Ian G <iang@iang.org>
    
    

    On Sun, 2005-Nov-27 15:27:46 +0000, Ian G wrote:
    >1. On the wider scope of your post I'd say that you
    >did not present a need for an x.509 certificate
    >that I could see.

    PGP and X.509 have totally different trust models. The PGP Web of
    Trust relies on each individual knowing and trusting a number of other
    individuals - a newcomer or someone who is fairly isolated is unlikely
    to have sufficient links to be able to fully participate. OTOH, the
    X.509 model requires that the individual trust a central Authority -
    which might be simpler for a newcomer. (I'm not going to get into a
    debate on the reliability or reputation of current CAs).

    >> - Signing ISO images with a Project key and/or certificate in addition
    >> to providing MD5 checksums.
    >
    >No, all you need to do is include the checksums
    >in a signed announcement. In fact, that's all
    >that a common digital signature does, so you'd
    >have to look at why you want more digital sigs...

    It's trivial to verify an announcement signature when you receive the
    e-mail. Doing so afterwards can be more problematic. Yesterday, I
    grabbed the (signed) 6.0-RELEASE announcement from the mailing list
    archive (http://lists.freebsd.org/pipermail/freebsd-announce/2005-November/001023.html).
    Whilst the signature was still intact, the content has been changed
    so the signature no longer verifies. (The changes are presumably
    mechanical changes as part of its conversion from text to HTML but
    undoing them would be difficult).

    -- 
    Peter Jeremy
    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
    

  • Next message: Wesley Shields: "Re: Reflections on Trusting Trust"

    Relevant Pages

    • Re: PGPsigs: the Choice of Con Artists
      ... They can insist whatever they want to insist but if I trust none of them ... You seem to have two problems: one is that you don't like the PGP signature ... signature or break public key encryption. ...
      (comp.os.linux.misc)
    • Re: [OT] The PGP Signed Posts Farce
      ... I think you misunderstand this part of how PGP works. ... PGP provides a means of verifying the ... signature verifies that I am indeed the originator of the message. ... This is where the trust comes in. ...
      (comp.os.linux.misc)
    • Re: Are ++ and -- operators really more efficient
      ... signature itself will be fairly small (e.g. the size of the hash's ... I can trivially generate a PGP key for "Mark Wooding ... but to large extent it does not matter on Usenet. ... moment that trust is build solely on the assumption that everything ...
      (comp.lang.c)
    • Re: PGPsigs: the Choice of Con Artists
      ... >> Can you tell us how these concepts map into the space of PGP ... Thats why there are levels of trust and signature. ... Linux community ...
      (comp.os.linux.misc)
    • Re: Atheists support evolution because evolution supports their
      ... any reason we should be trusting you in this matter, as opposed to, ... Is there any reason to think that we need to trust another person on ... God's rescue, and his love. ... Why don't you fix your signature? ...
      (talk.origins)