On Sat, Dec 07, 2019 at 09:51:34PM +0100, Stefan Claas via Gnupg-users wrote:
> Juergen BRUCKNER wrote:
>
> > Hi Stefan
> >
> > That's not the approach PGP pursues.
> > PGP was, is and should continue to be decentralized in the future. It
> > was never really intended to validate identities in a wide circle, but
> > to secure communication, and - in parts - to ensure the integrity of
> > software.
>
> Well, the integrity of software can also be shown with a simple hash
> value posted, because I can not verify if the sig belongs to person
> xyz, even when he / she has a lot of fan sigs from people unknown to
> me.

Yes, if you trust that the page with the hash on it has not been compromised. Once the bad guy is inside the site, changing the hash is just as easy as replacing the software. Signatures depend on material that is *not* in the same place with the signed object (if we're doing it right) and thus can be verified from independent sources.

Simple hashes can only detect simple failures. They have no value against a careful adversary.

PKC, used properly, can raise the cost of compromise, by increasing the number of places that the bad guy must break into and get out of undetected.

This is the electronic analog of a principle in physical security: require the bad guy to spend time, make noise, and create a visible mess, to increase his fear of being discovered to the point that the expectation of winning is not worth the expectation of losing.

-- 
Mark H. Wood
Lead Technology Analyst

University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-274-0749
www.ulib.iupui.edu
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
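
Added example (not part of the original message or of GnuPG): a small simulation of the point made in the reply above, comparing a hash published next to the download with a signature checked against a public key the user obtained from somewhere else. A Lamport one-time signature built on SHA-256 stands in for an OpenPGP signature so the block needs only the standard library; the site layout, function names and file contents are constructed for illustration.

```python
import hashlib
import secrets

def H(data):
    return hashlib.sha256(data).digest()

def digest_bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def keygen():
    # Lamport one-time key: two secrets per digest bit (sign one message per key).
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk

def sign(sk, msg):
    return [sk[i][bit] for i, bit in enumerate(digest_bits(msg))]

def verify(pk, msg, sig):
    bits = digest_bits(msg)
    return len(sig) == 256 and all(H(s) == pk[i][b] for i, (s, b) in enumerate(zip(sig, bits)))

def publish(artifact, sk):
    # Everything in this dict lives on the download site.
    return {"artifact": artifact,
            "sha256": hashlib.sha256(artifact).hexdigest(),
            "sig": sign(sk, artifact)}

def compromise(site, new_artifact):
    # Someone with write access to the site swaps the file and the hash next to it.
    # The private key is not on the site, so no valid signature can be made.
    bad = dict(site)
    bad["artifact"] = new_artifact
    bad["sha256"] = hashlib.sha256(new_artifact).hexdigest()
    return bad

def hash_check(site):
    return hashlib.sha256(site["artifact"]).hexdigest() == site["sha256"]

def sig_check(site, pinned_pk):
    # pinned_pk was obtained from an independent source, not from the site.
    return verify(pinned_pk, site["artifact"], site["sig"])

def demo():
    sk, pk = keygen()  # sk stays with the maintainer; pk is held by the user
    site = publish(b"release-1.0 contents (constructed)", sk)
    bad = compromise(site, b"tampered contents (constructed)")
    return {"clean": (hash_check(site), sig_check(site, pk)),
            "tampered": (hash_check(bad), sig_check(bad, pk))}

if __name__ == "__main__":
    print(demo())
```

The co-located hash still matches after the swap, while the signature check fails because the key material it depends on was never on the site.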