On 30/07/2013 02:10, Percy Alpha wrote:
> To boyska,
>
>>
>> but what if Gmail provides a fake key for B? Why should you
>> automatically trust that key?
>>
>> Also, I miss the point of signatures: A signs B's key, but no one cares
>> about that signature in that scheme. Am I missing something?
>>
>
> "At first time, B's public key will be downloaded from Google and signed by
> A.". "Any subsequent times, A also verifies the authenticity of B's key".

How does a browser know if this is the first time or the second one? What
I mean is:

1) Alice wants to send an email to Bob. It's the first time, so she
   retrieves B's key and signs it
2) in a different session (i.e. in a different browser) Alice sends an email
   to Bob. It retrieves B's key, but Mallory does MITM and gives a different
   key; let's call M(B) that key; there is no signature on it, so A thinks
   it's the first time, and accepts the key and signs it. At that point, the
   MITM even received a signature from A!

Also, the application code (that is, JavaScript) is provided by Google
itself, so the second time it could just be changed to behave in a
completely different way without Alice ever noticing it; this can be done
both by Google and by a MITM.

> I'm targeting the common people (email provider to the common people), not
> the existing PGP users.

I think I missed the point; could you clear out an example of attack that
is possible now, but won't be possible anymore using the scheme you proposed?

--
boyska
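
The two-session scenario above, modelled as an added example that is not part of the original message or of the proposed scheme's code. Keys are constructed strings, a "signature" is a plain record standing in for a real OpenPGP signature, and `withPins` is a hypothetical client-side check that assumes A keeps her own record of keys she has already accepted.

```javascript
// Constructed stand-ins: a "signature" only records who signed which key.
const sign = (signer, key) => ({ signer, over: key });
const verifies = (sig, signer, key) =>
  !!sig && sig.signer === signer && sig.over === key;

// The scheme as quoted: the only evidence of "not the first time" is A's
// signature arriving together with the key, so a key without one is treated
// as first contact, accepted and signed.
function schemeAsDescribed(response) {
  if (verifies(response.sig, 'A', response.key)) {
    return { action: 'use', key: response.key };
  }
  return { action: 'accept-and-sign', key: response.key,
           sig: sign('A', response.key) };
}

// Hypothetical check: A remembers which key she accepted for each contact
// (a pin) in state that is not taken from the server response.
function withPins(pins, contact, response) {
  const pinned = pins.get(contact);
  if (pinned === undefined) {            // genuinely first contact
    pins.set(contact, response.key);
    return { action: 'accept-and-sign', key: response.key };
  }
  if (pinned !== response.key) {         // key changed since first contact
    return { action: 'reject', reason: 'key differs from pinned key' };
  }
  return { action: 'use', key: response.key };
}

function demo() {
  // Session 1: first contact, key arrives unsigned.
  const first = { key: 'B-key', sig: null };
  // Session 2 (another browser): a different key arrives, no signature.
  const replaced = { key: 'M(B)-key', sig: null };

  const s1 = schemeAsDescribed(first);
  const s2 = schemeAsDescribed(replaced); // indistinguishable from session 1

  const pins = new Map();                 // assumed to be shared by sessions
  const p1 = withPins(pins, 'bob', first);
  const p2 = withPins(pins, 'bob', replaced);
  return { s1, s2, p1, p2 };
}
```

The pin record only helps if it reaches the second browser through something neither the provider nor the network can rewrite, and first contact stays unauthenticated either way.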
