On 09/09/2014 04:09 PM, Tony Arcieri wrote:
> If you have your key fingerprint published through many channels, someone
> concerned with actually verifying your key fingerprint can check them all
> to ensure they match. If there's a discrepancy, something is probably amiss.

it looks like https://twitter.com/dkg and https://github.com/dkg do not publish the same information. So, something is probably amiss. What should a user do with this information?

What if https://twitter.com/dkgillmor and https://github.com/dkgillmor both offer the same key as each other, and their respective contributions to the public discourse seem like the contributions that i tend to make? now do you believe the choice of key material published by those accounts?

(note how easy it is to clone someone's public github repos; note also how easy it is to replay someone's twitter feed into a new account; and this is an impersonation attack i can do *without* being a twitter or github administrator)

> Perhaps an attacker managed to compromise them all and update your key
> fingerprints in all locations to confuse a victim into sending the attacker
> an encrypted message. Sure, it's not a great solution. It's an OK solution,
> however. Certainly better (from a security, not usability perspective) than
> TOFU.

I agree it seems better than nothing and (probably) better than TOFU. I'm just not sure what we're doing with it, and whether it helps us to identify the actual people behind the different communications channels, or whether it makes those different communications channels more important, and the actual people less important.

> Short of things like Google's proposed CT-alike for E2E looking for
> dishonest Key Directories, I'm not sure how you do better.

So i think what you're getting at here is auditability, which is a useful thing, particularly when coupled with the ability to act effectively on detected malfeasance. I still haven't read the google E2E proposal, so i probably need to go do that.

--dkg
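An added illustration of the auditability point raised at the end of the message, not code from this thread or from Google's E2E proposal: a minimal Merkle-tree key directory in Python. Each user verifies that the published tree head commits to their own entry, and auditors compare gossiped tree heads, so a directory that serves different views to different people is caught. The RFC 6962-style hashing, the account names and the placeholder fingerprints are assumptions made up for the example.

```python
import hashlib
# Constructed sample directory entries, (account, key fingerprint); the fingerprints
# are placeholders. FORGED_LOG is the view a dishonest directory might show one victim.
HONEST_LOG = [("dkg", "FP-DKG-1"), ("bascule", "FP-TONY-1"), ("alice", "FP-ALICE-1")]
FORGED_LOG = [("dkg", "FP-ATTACKER"), ("bascule", "FP-TONY-1"), ("alice", "FP-ALICE-1")]

def leaf_hash(data):  # RFC 6962-style domain separation: 0x00 for leaves
    return hashlib.sha256(b"\x00" + data).digest()
def node_hash(left, right):  # 0x01 for interior nodes
    return hashlib.sha256(b"\x01" + left + right).digest()
def _split(n):  # largest power of two strictly less than n (n >= 2)
    return 1 << ((n - 1).bit_length() - 1)

def merkle_root(hashes):
    if len(hashes) == 1:
        return hashes[0]
    k = _split(len(hashes))
    return node_hash(merkle_root(hashes[:k]), merkle_root(hashes[k:]))

def inclusion_proof(hashes, index):
    # Sibling subtree hashes, ordered from the leaf's level up to the root.
    if len(hashes) == 1:
        return []
    k = _split(len(hashes))
    if index < k:
        return inclusion_proof(hashes[:k], index) + [merkle_root(hashes[k:])]
    return inclusion_proof(hashes[k:], index - k) + [merkle_root(hashes[:k])]

def root_from_proof(leaf, index, size, proof):
    # Root implied by a leaf and its proof; a proof of the wrong length cannot verify.
    if size == 1:
        return leaf if not proof else b""
    k = _split(size)  # proof[-1] raises IndexError when the proof is too short
    if index < k:
        return node_hash(root_from_proof(leaf, index, k, proof[:-1]), proof[-1])
    return node_hash(proof[-1], root_from_proof(leaf, index - k, size - k, proof[:-1]))

def verify_inclusion(leaf, index, size, proof, root):
    try:  # a user checks that the directory's published root commits to their entry
        return 0 <= index < size and root_from_proof(leaf, index, size, proof) == root
    except IndexError:
        return False

def directory_view(entries):  # what the directory publishes: leaf hashes and the root
    hashes = [leaf_hash(f"{user}:{fp}".encode()) for user, fp in entries]
    return hashes, merkle_root(hashes)

def split_view_detected(heads):  # heads: (tree_size, root) pairs gossiped by auditors
    seen = {}  # two different roots at one tree size means the directory equivocated
    return any(seen.setdefault(size, root) != root for size, root in heads)
```

Inclusion checks only prove that a directory committed to an entry in the view it showed you; catching a directory that shows dkg one fingerprint and everyone else another requires the heads to be compared across parties, which is what split_view_detected does.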
_______________________________________________
Messaging mailing list
[email protected]
https://moderncrypto.org/mailman/listinfo/messaging
