[messaging] Google End-to-End plans on using key directories with a CT-like verification protocol

Watson Ladd watsonbladd at gmail.com
Fri Aug 29 10:30:16 PDT 2014 

On Fri, Aug 29, 2014 at 10:17 AM, Tao Effect <contact at taoeffect.com> wrote:
> On Aug 29, 2014, at 8:26 AM, Ben Laurie <ben at links.org> wrote:
>
> On 28 August 2014 20:44, Tao Effect <contact at taoeffect.com> wrote:
>
> So, I think I was MITM attacked. [1]
>
> I think I detected it.
>
> I pointed it out. I presented evidence.
>
>
> I am curious about this - I reviewed the tweets, and the evidence
> appears to be that the cert was changed at time A and you noticed the
> change at time A + a few weeks. I didn't see any evidence that you
> checked it between those two times...
>
>
> I had checked the website the day prior to those tweets. Cert change
> appeared a day later. That is why I was (and am still) convinced that it was
> a MITM attack.

Where the website owner confirmed that the new cert was correct?

>
> This event serves as a real-world example of the community's reaction to
> MITM attacks. It highlights extreme skepticism and apathy in spite of clear
> evidence of a MITM attack.
>
> Only major CA compromises that have affected giant companies (like Google)
> get press.
>
> This example shows that people on this list could be MITM attacked right
> now, and in the unlikely event that they detected it, it may not matter
> much. That is why I prefer systems that prevent MITM attacks from happening
> in the first place, and without any ambiguity.

What's the difference between the key associated to
watsonbladd at gmail.com changing  because I forgot a passphrase and
changing because it's been MITM'd? If you want to make addresses keys,
then you introduce a different set of problems, where the address
associated to an individual is changed.

The basic problem is that the only individual who knows what keys
should be associated with them, is the individual who owns the private
keys. And so you need to have a consistent, global view of that map,
which can get occasionally updated and have them check the correctness
of this map.

Sincerely,
Watson Ladd

>
> Cheers,
> Greg Slepak
>
> --
> Please do not email me anything that you are not comfortable also sharing
> with the NSA.
>
>
>
> _______________________________________________
> Messaging mailing list
> Messaging at moderncrypto.org
> https://moderncrypto.org/mailman/listinfo/messaging
>



-- 
"Those who would give up Essential Liberty to purchase a little
Temporary Safety deserve neither  Liberty nor Safety."
-- Benjamin Franklin

More information about the Messaging mailing list