Re: Reflections on Trusting Trust

• Previous message: Szilveszter Adam: "Re: Reflections on Trusting Trust"
• Maybe in reply to: Peter Jeremy: "Reflections on Trusting Trust"
• Next in thread: Kurt Seifried: "Re: Reflections on Trusting Trust"
• Reply: Kurt Seifried: "Re: Reflections on Trusting Trust"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 28 Nov 2005 05:21:16 +1100
To: Ian G <iang@iang.org>

On Sun, 2005-Nov-27 15:27:46 +0000, Ian G wrote:
>1. On the wider scope of your post I'd say that you
>did not present a need for an x.509 certificate
>that I could see.

PGP and X.509 have totally different trust models. The PGP Web of
Trust relies on each individual knowing and trusting a number of other
individuals - a newcomer or someone who is fairly isolated is unlikely
to have sufficient links to be able to fully participate. OTOH, the
X.509 model requires that the individual trust a central Authority -
which might be simpler for a newcomer. (I'm not going to get into a
debate on the reliability or reputation of current CAs).

>> - Signing ISO images with a Project key and/or certificate in addition
>> to providing MD5 checksums.
>
>No, all you need to do is include the checksums
>in a signed announcement. In fact, that's all
>that a common digital signature does, so you'd
>have to look at why you want more digital sigs...

It's trivial to verify an announcement signature when you receive the
e-mail. Doing so afterwards can be more problematic. Yesterday, I
grabbed the (signed) 6.0-RELEASE announcement from the mailing list
archive (http://lists.freebsd.org/pipermail/freebsd-announce/2005-November/001023.html).
Whilst the signature was still intact, the content has been changed
so the signature no longer verifies. (The changes are presumably
mechanical changes as part of its conversion from text to HTML but
undoing them would be difficult).

-- 
Peter Jeremy
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

• Previous message: Szilveszter Adam: "Re: Reflections on Trusting Trust"
• Maybe in reply to: Peter Jeremy: "Reflections on Trusting Trust"
• Next in thread: Kurt Seifried: "Re: Reflections on Trusting Trust"
• Reply: Kurt Seifried: "Re: Reflections on Trusting Trust"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: PGPsigs: the Choice of Con Artists ... They can insist whatever they want to insist but if I trust none of them ... You seem to have two problems: one is that you don't like the PGP signature ... signature or break public key encryption. ... (comp.os.linux.misc) Re: [OT] The PGP Signed Posts Farce ... I think you misunderstand this part of how PGP works. ... PGP provides a means of verifying the ... signature verifies that I am indeed the originator of the message. ... This is where the trust comes in. ... (comp.os.linux.misc) Re: PGPsigs: the Choice of Con Artists ... >> Can you tell us how these concepts map into the space of PGP ... Thats why there are levels of trust and signature. ... Linux community ... (comp.os.linux.misc) Re: The whole Process ... S/MIME aware application to fool you :-) ... > has an invalid signature. ... > embedded in email and news clients from Microsoft and Netscape for years. ... Recently Spammers illustrated this perception problem by forging PGP ... (microsoft.public.platformsdk.security) Re: Digital signatures ... You can choose to trust whomever you wish. ... In PGP, you have ... key that's used for this encryption is generated ... to use a rubber hose attack to beat the information out of you. ... (Fedora)