Re: [Sks-devel] About deleting keys


From: Kristian Fiskerstrand
Subject: Re: [Sks-devel] About deleting keys
Date: Tue, 29 Oct 2013 14:30:23 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.0

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256



On 10/29/2013 02:07 PM, Kiss Gabor (Bitman) wrote:
>> If I remember right, there was a situation that Alice created a
>> key with the name of Bob. Bob complained to the key server
>> operator, but he is not able to modify the key Alice created. So,
>> the key server operator should be the one who disables retrieval
>> of the key.
> 
> Uhmm... :-( Judge must understand that key owner is Alice because
> she knows the secret part. Bob cannot prove ownership. It does not
> matter whose name can be read from uid.

The discussion gets even more interesting when dealing with revoked
keys. If an attacker (with compromised secret key material) is given
the ability to delete such a key from the server network and
re-upload a non-revoked version, the effective security of the
whole system is compromised (or for that matter malicious key server
operators doing the same).

There are good reasons for the servers being add-only by design... and
you'll find several discussions on this in the past.

- -- 
- ----------------------------
Kristian Fiskerstrand
Blog: http://blog.sumptuouscapital.com
Twitter: @krifisk
- ----------------------------
Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
- ----------------------------
Donec eris sospes, multos numerabis amicos.
Tempora si fuerint nubila, solus eris.
As long as you are wealthy, you will have many friends.
When the tough times come, you will be left alone
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.1.0-beta255 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
-----END PGP SIGNATURE-----
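
The revoked-key scenario from the message above, as an added example that is not part of the original message and is not SKS code. It is a toy model: KeyStore, reconcile and the packet strings are hypothetical names and constructed data, and merging is simplified to a set union of packets.

```python
import contextlib
import hashlib

# Constructed sample data: opaque byte strings stand in for OpenPGP packets.
FPR = "CONSTRUCTED-FPR-0001"
PUBKEY, UID = b"PUBKEY:constructed", b"UID:Alice <alice@example.org>"
REVOCATION = b"REVOCATION:key compromised"

class KeyStore:  # hypothetical store: fingerprint -> {packet digest: packet}
    def __init__(self, allow_delete):
        self.allow_delete, self.keys = allow_delete, {}
    def upload(self, fpr, packets):
        # Merge by set union: an upload adds packets, it never replaces any.
        stored = self.keys.setdefault(fpr, {})
        for p in packets:
            stored[hashlib.sha256(p).hexdigest()] = p
    def delete(self, fpr):
        if not self.allow_delete:
            raise PermissionError("add-only store: deletion refused")
        self.keys.pop(fpr, None)
    def is_revoked(self, fpr):
        return any(p.startswith(b"REVOCATION") for p in self.keys.get(fpr, {}).values())

def reconcile(a, b):
    """Peers exchange whatever packets the other side lacks."""
    for fpr in set(a.keys) | set(b.keys):
        merged = {**a.keys.get(fpr, {}), **b.keys.get(fpr, {})}
        a.keys[fpr], b.keys[fpr] = dict(merged), dict(merged)

def replay_stale_copy(allow_delete):
    """Revoke a key, attempt delete plus re-upload of the old copy, report state."""
    store = KeyStore(allow_delete)
    store.upload(FPR, [PUBKEY, UID])
    store.upload(FPR, [REVOCATION])      # owner revokes after the compromise
    with contextlib.suppress(PermissionError):
        store.delete(FPR)                # refused when the store is add-only
    store.upload(FPR, [PUBKEY, UID])     # stale pre-revocation copy
    return store.is_revoked(FPR)

def rogue_server_after_sync():
    """One operator deletes locally; an add-only peer still holds the revocation."""
    rogue, peer = KeyStore(True), KeyStore(False)
    for s in (rogue, peer):
        s.upload(FPR, [PUBKEY, UID, REVOCATION])
    rogue.delete(FPR)
    rogue.upload(FPR, [PUBKEY, UID])
    before = rogue.is_revoked(FPR)
    reconcile(rogue, peer)
    return before, rogue.is_revoked(FPR)
```

In this model the revocation survives the replay only when deletion is refused, and a single server that dropped it gets it back at the next reconciliation with an add-only peer.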


