On 2015-11-15, at 21:07, Uwe Brauer wrote:

> If I had to communicate something really secret, say with Ed Snowden, I
> would of course use gpg[1] and not smime,
> then I would try somehow to compare the fingerprints of the keys by some
> secure means (a secure chat).
>
> Now if you say that all the above scenarios are usually out of reach of
> «normal» attackers,
That came out wrong, then. Part of my problem would be to figure out the “real” e-mail address of “Ed Snowden”. If you registered the fresh e-mail address “[email protected]” and uploaded a matching key to the usual keyservers, then I might fall for that. No special attack skills required.

I don’t know too much about CAs that issue e-mail certificates for free. However, based on your description of Comodo I guess that you could also obtain an S/MIME certificate in the above case (for [email protected] after registering that address). So the “trust” built into S/MIME seems worthless.

> When I apply for a certificate the private key is generated by the crypt
> module of my browser. Are you suggesting that this is also hacked? That
> indeed would be disastrous. Then indeed the intruder could obtain a copy
> of my private key and sell it to some sinister organisation.

For me as a malicious CA (or intruder into a CA) there is no reason to steal the private key, as I could generate a certificate with a matching private key in your name for your e-mail address, which is “trusted”. Then I could send signed e-mails in your name. That alone might get you into trouble, but you might receive responses that alert you about some ongoing attack.

If I was a powerful attacker, able to replace e-mails on the way, I could additionally re-encrypt (modified) responses to your real certificate (or drop messages entirely), and you would never know I was there.

If I cannot replace e-mails on the way, I can still send “trusted” signed e-mails in your name and tell the recipients to switch to different e-mail addresses with “trusted” certificates. Then, again, I can re-encrypt responses to your real certificate and e-mail address.

Best wishes
Jens

_______________________________________________
info-gnus-english mailing list
[email protected]
https://lists.gnu.org/mailman/listinfo/info-gnus-english
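The defence the thread circles around is to pin the correspondent's certificate fingerprint (ideally compared over a separate channel) instead of trusting whatever a CA signs. The following is an added example, not code from this thread or from any mail client, showing that check: a pin store per address that treats a second, chain-valid certificate for a known address as a mismatch. The certificate bytes and the `alice@example.org` address are constructed stand-ins.

```python
import hashlib
from dataclasses import dataclass, field


def fingerprint(cert_der: bytes) -> str:
    """SHA-256 fingerprint of a DER certificate, shown as mail clients do."""
    digest = hashlib.sha256(cert_der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


@dataclass
class PinStore:
    """address -> {"fp": fingerprint, "verified": bool}; a pin becomes
    'verified' only after the fingerprint was compared out of band."""
    pins: dict = field(default_factory=dict)

    def check(self, address, cert_der, chain_valid, out_of_band_fp=None):
        address = address.lower()
        fp = fingerprint(cert_der)
        if out_of_band_fp is not None:
            # A fingerprint compared over a separate channel overrides the CA.
            if fp != out_of_band_fp.upper():
                return "REJECT"
            self.pins[address] = {"fp": fp, "verified": True}
            return "VERIFIED"
        known = self.pins.get(address)
        if known is None:
            # First contact: a valid chain only earns an unverified pin (TOFU).
            if not chain_valid:
                return "REJECT"
            self.pins[address] = {"fp": fp, "verified": False}
            return "NEW_UNVERIFIED"
        if known["fp"] == fp:
            return "MATCH"
        # A different certificate for an address already pinned is exactly what
        # a second, CA-issued certificate in someone's name looks like.
        return "MISMATCH"


# Constructed stand-ins for DER-encoded certificates (not real certificates).
ALICE_REAL_CERT = b"constructed-der: alice, real certificate"
ALICE_ROGUE_CERT = b"constructed-der: alice, certificate from a rogue CA"


def demo() -> list:
    store = PinStore()
    return [
        store.check("alice@example.org", ALICE_REAL_CERT, True),
        store.check("alice@example.org", ALICE_REAL_CERT, True),
        store.check("Alice@example.org", ALICE_ROGUE_CERT, True),
        store.check("alice@example.org", ALICE_REAL_CERT, True,
                    fingerprint(ALICE_REAL_CERT)),
    ]
```

Note that the rogue certificate is rejected even though its chain validates; a valid chain never upgrades an existing pin.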
