[messaging] The Simple Thing

Joseph Bonneau jbonneau at gmail.com
Sat Oct 4 08:58:53 PDT 2014

On Sat, Oct 4, 2014 at 12:26 PM, Ben Laurie <ben at links.org> wrote:

> *Alice looks up Bob's key.
>> *The Evil Log inserts a spurious key for Bob. We're assuming (I think
>> almost all of us are willing to assume this) that log-consistency auditors
>> ensure the log has to actually put the spurious key into a globally
>> consistent log forever. Trying to locally fork Alice's view is too risky if
>> some non-zero proportion of users gossip out of band.
> Then this is really the Evil Keyserver doing the inserting. Evil Logs
> would presumably try other tactics...

Yes, if there's a separate Keyserver and Log it's probably the Keyserver
doing the spurious insertion. In some version we've been discussing the
Keyserver and Log are the same entity.

> If there's this magical non-MITMable out-of-band channel, why is Alice not
> using it to send the message to Bob in the first place?

Usual reasons: You're setting up a channel for the future so you can afford
extra work, and checking a key fingerprint may be much lower bandwidth than
the whole conversation or the whole key. But it is certainly a fair point
that this out-of-band channel often won't exist and users will want to
start talking anyways.

> Another thing occurs to me, is this: what if Alice doesn't actually know
> Bob? Then the out-of-band magic becomes even more magical.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20141004/b3be58b1/attachment.html>

More information about the Messaging mailing list