[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Trust and public keys
From: |
Jens Lechtenboerger |
Subject: |
Re: Trust and public keys |
Date: |
Thu, 19 Nov 2015 18:05:00 +0100 |
User-agent: |
Gnus/5.130014 (Ma Gnus v0.14) Emacs/25.0.50 (gnu/linux) |
On 2015-11-18, at 15:04, Uwe Brauer wrote:
> > That came out wrong, then. Part of my problem would be to figure
> > out the “real” e-mail address of “Ed Snowden”. If you registered
> > the fresh e-mail address “ed.snowden@gmail.com” and uploaded a
> > matching key to usual keyservers, then I might fall for that. No
> > special attack skills required.
>
> Correct but this applies to smime and gpg.
I’ll refer to this point below.
> [...]
> > For me as malicious CA (or intruder into a CA) there is no reason to
> > steal the private key as I could generate a certificate with
> > matching private key in your name for your e-mail address, which is
> > “trusted”. Then I could send signed e-mails in your name. That
> > alone might get you into trouble, but you might receive responses
> > that alert you about some ongoing attack. If I was a powerful
> > attacker, able to replace e-mails on the way, I could additionally
> > re-encrypt (modified) responses to your real certificate (or drop
> > messages entirely), and you would never know I was there.
>
> > If I cannot replace e-mails on the way, I can still send “trusted”
> > signed e-mails in your name and tell the recipients to switch to
> > different e-mail addresses with “trusted” certificates. Then,
> > again, I can re-encrypt responses to your real certificate and
> > e-mail address.
>
> But in all of these scenarios you need to hack the email account. It is
> not sufficent just to use a linux smptmail server and manipulate the
> form field. You also have to intercept the reply.
No, please re-read the paragraph starting with: “If I cannot replace”
> I don't see much of a difference between
>
> - the pgp scenario: to place a falsified pgp key on a server
>
> - the smime scenario: to crack a smime certificate by breaching a
> CA (which is more difficult that placing a falsified pgp key).
I agree to your above statement “Correct but this applies to smime
and gpg.” Thus, I consider the following attacks to be comparable:
Upload some OpenPGP key and register some S/MIME certificate.
However, newbies are warned not to trust downloaded OpenPGP keys,
while I’m not aware of similar warnings for “trusted” (signed)
S/MIME certificates.
> Again the question was is smime easier to use.
No. The question was whether someone on this list uses S/MIME with
OpenSSL and would object to a change of defaults to epg.
The current topic is “Trust and public keys.” I changed that in
response to your e-mail where you stated: “Keys signed by these
authorities have to be trusted 100 \%.”
The ensuing discussion helped me to see clearer: There are S/MIME
certificates that have been issued without checks (except ability to
receive e-mail), which I find ridiculous given the goal of
certification. The situation is even worse than I thought
initially.
Best wishes
Jens
- Re: S/MIME with OpenSSL?, (continued)
- Message not available
- Re: S/MIME with OpenSSL?, Adam Sjøgren, 2015/11/10
- Re: S/MIME with OpenSSL?, Uwe Brauer, 2015/11/11
- Re: S/MIME with OpenSSL?, Adam Sjøgren, 2015/11/11
- Re: S/MIME with OpenSSL?, Uwe Brauer, 2015/11/12
- Re: S/MIME with OpenSSL?, Adam Sjøgren, 2015/11/12
- Re: S/MIME with OpenSSL?, Uwe Brauer, 2015/11/13
- Trust and public keys (was: S/MIME with OpenSSL?), Jens Lechtenboerger, 2015/11/14
- Re: Trust and public keys, Uwe Brauer, 2015/11/16
- Re: Trust and public keys, Jens Lechtenboerger, 2015/11/16
- Re: Trust and public keys, Uwe Brauer, 2015/11/18
- Re: Trust and public keys,
Jens Lechtenboerger <=
- [smime and gpg] (was: Trust and public keys), Uwe Brauer, 2015/11/22
- Re: Trust and public keys, Uwe Brauer, 2015/11/16
- Re: S/MIME with OpenSSL?, Peter Münster, 2015/11/12
- Re: S/MIME with OpenSSL?, Uwe Brauer, 2015/11/13