On 07/09/2011 07:25 PM, Boaz wrote:
> [dkg wrote:]
>> If the repressed source is known only publicly as "fubar127", the
>> non-repressed activist can use OpenPGP certifications to assert that
>> fubar127 does in fact hold key X.
>
> Here I must disagree. The anonymous blogger named fubar127 does not
> need anyone to attest to his identity as fubar127. He need only start
> posting comments under that name, signed with some key. Consider the
> person who reads some posts by fubar, and comes to think of fubar as a
> specific person whom a new post may or may not be written by. If he
> wants to know whether a new post is by the "real" fubar127, he (his
> software) need only check that it's signed with the same key as the
> prior posts.
It's worth noting that it's easy for me to take fubar127's message, strip off their signature, and sign it with a key that I control. I can also associate any arbitrary name (e.g. "fubar127") with the key that I control (though no one else has certified it). I can even publish the re-signed message in the same forum that fubar127 published it in originally. Now, when someone wants to contact fubar127, whose signatures do they check against?

In short: Identity verification for the sake of public verification needs to be done as an active, conscious affair.

Regards,

--dkg

PS thank you for the kind words for the monkeysphere project (I also contribute to that project). The vision you describe of a singular, cross-protocol authentication regime is exactly the sort of thing we're hoping the project can contribute to.
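The strip-and-re-sign scenario dkg describes, and Boaz's "same key as the prior posts" check, as an added example that is not part of the original thread and not monkeysphere or OpenPGP code. It uses Ed25519 from Go's standard library in place of OpenPGP, a constructed Post struct in place of a real forum comment, and a constructed message body; the names fubar127, NaiveVerify and Pinner are assumptions made here for illustration. A reader that only asks "does the attached signature verify under the attached key?" accepts the re-signed copy; a reader that pins the first key seen under a name rejects it, but only if the genuine post was seen first, which is dkg's "whose signatures do they check against?" problem in code.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Post is a constructed stand-in for a signed forum comment: the claimed
// author name, the body, the public key the poster attaches, and a
// signature over the body by that key. Any "name" can be attached to any
// key; nothing here certifies the binding.
type Post struct {
	Name   string
	Body   []byte
	PubKey ed25519.PublicKey
	Sig    []byte
}

// NewKey generates a fresh signing key (assumption: Ed25519 stands in for OpenPGP).
func NewKey() ed25519.PrivateKey {
	_, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return priv
}

// Sign builds a post signed by priv under the claimed name.
func Sign(name string, body []byte, priv ed25519.PrivateKey) Post {
	return Post{
		Name:   name,
		Body:   body,
		PubKey: priv.Public().(ed25519.PublicKey),
		Sig:    ed25519.Sign(priv, body),
	}
}

// Resign is the attack: strip the original signature and re-sign the
// identical body with the attacker's key, keeping the claimed name.
func Resign(p Post, priv ed25519.PrivateKey) Post {
	return Sign(p.Name, p.Body, priv)
}

// NaiveVerify only checks that the attached signature matches the attached
// key. It cannot tell the re-signed copy from the original.
func NaiveVerify(p Post) bool {
	return ed25519.Verify(p.PubKey, p.Body, p.Sig)
}

// Pinner is Boaz's check: remember the key first seen under a name and
// reject later posts under that name signed by a different key.
type Pinner struct{ pins map[string]ed25519.PublicKey }

func NewPinner() *Pinner { return &Pinner{pins: map[string]ed25519.PublicKey{}} }

func (k *Pinner) Verify(p Post) bool {
	if !ed25519.Verify(p.PubKey, p.Body, p.Sig) {
		return false
	}
	pinned, seen := k.pins[p.Name]
	if !seen {
		k.pins[p.Name] = p.PubKey // trust on first use: whoever is seen first wins
		return true
	}
	return pinned.Equal(p.PubKey)
}

// Scenario runs the attack and reports: does NaiveVerify accept the
// re-signed post, and does a pinning reader accept the genuine and the
// re-signed post, given which one that reader happened to see first.
func Scenario(impostorFirst bool) (naiveOK, genuineOK, impostorOK bool) {
	fubar := NewKey()
	attacker := NewKey()
	body := []byte("constructed sample comment from fubar127")
	genuine := Sign("fubar127", body, fubar)
	forged := Resign(genuine, attacker)

	naiveOK = NaiveVerify(forged)

	reader := NewPinner()
	if impostorFirst {
		impostorOK = reader.Verify(forged)
		genuineOK = reader.Verify(genuine)
	} else {
		genuineOK = reader.Verify(genuine)
		impostorOK = reader.Verify(forged)
	}
	return
}

func main() {
	n, g, i := Scenario(false)
	fmt.Printf("genuine seen first:  naive accepts forgery=%v  pinner: genuine=%v forgery=%v\n", n, g, i)
	n, g, i = Scenario(true)
	fmt.Printf("forgery seen first:  naive accepts forgery=%v  pinner: genuine=%v forgery=%v\n", n, g, i)
}
```

Key continuity settles "is this the same fubar127 I read before?" for a reader who already has a pinned key; it does not settle which key a newcomer should pin when two signed copies of the same text sit side by side in the same forum, which is why dkg treats verification for public use as a separate, deliberate step.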
_______________________________________________ Freedombox-discuss mailing list Freedombox-discuss@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss