by kintamanimatt 4618 days ago
The problem with the key exchange mechanism you've described is it's untrustworthy. The software would be essentially asking "is this initial email from the person you think it is?" which is a tough question to answer given the fact that emails can be readily spoofed. Granted, Bob's key will differ from Mallory's key, but there may be just enough time to do bad things before detection.

Key exchange between people should always require some kind of offline verification. If you don't do this, you can't really trust that the person you're communicating with is who they say they are. It's this key exchange process that's a pain in the ass and prohibits PGP's adoption. We've kinda solved this already with certificate authorities, but they're now considered a weak link in the chain.

3 comments

> Key exchange between people should always require some kind of offline verification. If you don't do this, you can't really trust that the person you're communicating with is who they say they are.

I know a lot of people who I've never met IRL and likely never will. When you think about it, I already don't know that they are who they say they are.

Many of them live far from me. I don't see a practical way to exchange keys with them offline. You have to travel and do it face to face, or trust that USPS, UPS or FEDEX haven't been compromised. Sure, that's very unlikely for Joe Blow, but still, you're doing it offline for security.

Lastpass and probably others have an online secure exchange tool, but then you have to trust Lastpass (which I currently do, if very uneasily).

This is why there's the web of trust concept. Which is even harder to explain than public/private keys.
I'm not sure the general public needs the level of trust you are describing. They have an email address somehow, from a Facebook chat, business card, or spam mail - and that's the level of trust in identity they are currently comfortable with.

Adding a key exchange with the identity they have - the person handing out biz cards could be lying about his identity, but if someone else spoofs his key, he will not be able to read the email which will still end up in his inbox, not the spoofer's. So now the spoofer needs to control this guy's whole box to read and delete the emails, or else he'll be detected. At this point if your box is compromised, pgp isn't providing security. ;)

On the whole it sounds easier to impersonate biz card guy, than to just spoof his real email address and provide a fake pgp key.

(And as for unsolicited mail's identity being trusted - Nigerian spam does still work, but the message has gotten through, even to the general populace - people know there is no assurance that identities are real. We just need to NOT undermine that distrust when adding pgp.)

> Key exchange between people should always require some kind of offline verification.

Or a trusted third party (see IBE.)

They have the same benefits and drawbacks of CAs.