[messaging] On Signed-Only Mails
Bjarni Runar Einarsson
bre at pagekite.net
Thu Dec 8 01:01:31 PST 2016
-----BEGIN PGP SIGNED MESSAGE-----
Yes, a persistent man in the middle can break any TOFU-style
Natanael <natanael.l at gmail.com> wrote:
> How to defeat a chess grandmaster;
> Play as a proxy between two chess grandmasters. Just copy their
> moves, let them play each other while both of them just see
> *your* face.
> There's typically nothing in the data binding the actions to
> your identity. Somebody persistent enough can silently
> substitute keys indefinitely if you have no alternative
> communications channel.
Do you honestly think the risk of mass impersonation is greater
than the current dumpster fire of keyservers that anyone can
anything upload to and most users will just blindly trust anyway?
Attacks on this scheme are mitigated by time. Again, like other
TOFU (which this is a variant of), you have to start your attack
early and be persistent. This significantly raises the bar.
Sometimes the attack becomes impossible, and it is almost always
You can't decide to start impersonating me tomorrow, you have to
have decided to do so 5 years ago. You have to decide to
impersonate the grand chessmaster while he's still an
uninteresting nobody. Bring on the time machine and we'll talk!
And remember, people who need stronger assurances can still use
all the other verification techniques.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----
More information about the Messaging