Re: [Monotone-devel] Re: key trust
From: Richard Levitte - VMS Whacker
Subject: Re: [Monotone-devel] Re: key trust
Date: Wed, 12 Oct 2005 19:15:20 +0200 (CEST)
In message <address@hidden> on Wed, 12 Oct 2005 08:55:09 -0700, Nathaniel Smith
<address@hidden> said:
njs> I don't understand -- Alice writes out a cert saying "in June, I
njs> say version da39 is good". Then her cert gets revoked with a
njs> July timestamp. So Bob trusts the cert that says "in June, ...",
njs> because June < July. Then in December Mallory comes along, with
njs> his cracked copy of Alice's old key, and writes out a cert saying
njs> "in June, I say version 0123 is good". So Bob trusts _that_ cert
njs> too...
Others noted this too, and of course, it would mean we would need to
be able to find trustable time somewhere, which is usually a trustable
time server.
However, come to think of it, the time issue is really not much of an
issue, as long as revocation can be checked. It doesn't matter if
Eve or Mallory can make signatures at any time or with any date,
because to spread their work, they will need to make it available
through netsync, and since that's signed with their key, they would
be stopped from spreading their work from the point of revocation on.
It would mean that whatever they did between their last push/pull/sync
and the point of revokation is lost, but that's true as well if you,
as a server administrator, decide to remove their public key from the
server database in the current implementation.
I'm sure there are some corner cases that would still have to be
thought through.
Cheers,
Richard
-----
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.
--
Richard Levitte address@hidden
http://richard.levitte.org/
"When I became a man I put away childish things, including
the fear of childishness and the desire to be very grown up."
-- C.S. Lewis
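
The two positions in this exchange, as an added example that is not part of the original message and is not monotone code: a toy sync server that either trusts the date written in a cert or refuses a revoked key at sync time. The class, the policy names and the `beef` revision are assumptions made for illustration; `da39` and `0123` are the revisions from the quoted scenario.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Cert:
    signer: str         # key name the signature verifies against
    claimed_month: int  # date written by whoever holds the key (unverified)
    revision: str

class SyncServer:
    """Toy model of a sync server; names and policies are assumptions."""
    def __init__(self, policy):
        self.policy = policy   # "claimed_date" or "arrival"
        self.month = 0         # the server's own clock
        self.revoked = {}      # signer -> server month when revocation arrived
        self.accepted = []

    def revoke(self, signer):
        self.revoked[signer] = self.month

    def push(self, cert):
        """Return True if the cert is stored. Signature validity is assumed:
        a holder of the cracked key produces valid signatures too."""
        when = self.revoked.get(cert.signer)
        if when is None:
            ok = True
        elif self.policy == "claimed_date":
            ok = cert.claimed_month < when   # trusts the signer's own date
        else:
            ok = False                       # a revoked key cannot sync at all
        if ok:
            self.accepted.append(cert.revision)
        return ok

def run(policy):
    s = SyncServer(policy)
    s.month = 6
    s.push(Cert("alice", 6, "da39"))   # Alice, pushed in June
    s.month = 7
    s.revoke("alice")                  # revocation reaches the server in July
    s.month = 8
    s.push(Cert("alice", 6, "beef"))   # Alice's own June work, never synced
    s.month = 12
    s.push(Cert("alice", 6, "0123"))   # Mallory, backdated to June
    return s.accepted

if __name__ == "__main__":
    for policy in ("claimed_date", "arrival"):
        print(policy, run(policy))
```

Under the arrival policy the backdated cert is refused without any trusted time source, at the cost of also losing the legitimate work that was not synced before revocation.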