[7809] in cryptography@c2.net mail archive


Re: More thoughts on Man in the Middle attacks and PGP

daemon@ATHENA.MIT.EDU (Arnold G. Reinhold)
Wed Sep 13 23:27:32 2000

Mime-Version: 1.0
Message-Id: <v04210109b5e57268e5b5@[24.218.56.92]>
In-Reply-To: <39BFB97D.40BB95E@algroup.co.uk>
Date: Wed, 13 Sep 2000 14:09:33 -0400
To: Ben Laurie <ben@algroup.co.uk>
From: "Arnold G. Reinhold" <reinhold@world.std.com>
Cc: cryptography@c2.net
Content-Type: text/plain; charset="us-ascii" ; format="flowed"

At 6:29 PM +0100 9/13/2000, Ben Laurie wrote:
>"Arnold G. Reinhold" wrote:
>>
>
>
>> >There's really nothing stopping an implementation of SSL that uses PGP
>> >for key verification. All that's really required at the end of the day
>> >is some ASCII (to check the server name) and a public key, verified
>> >according to the requirements of the, err, verifier.
>> >
>>
>> Allowing SSL to accept PGP keys might be handy in other contexts, but
>> not here. If Bob wants to rule out a MITM attack and he somehow has
>> an active PGP key (other than his own) that he trusts, he can simply
>> send PGP-encrypted mail asking that key holder to verify Bob's public
>> key at the key servers.
>>
>> The value of SSL in this context is that every PC comes with a set of
>> certs that can be used to validate an SSL link. (Mine came with 66
>> certs) Bob can walk into any computer store and buy a PC or a Windows
>> disk off the shelf.  Unless the MITM attacker has access to the
>> private portion of these keys (perhaps a risk if your expected threat
>> is United Spooks of Earth), and is willing to risk that compromise
>> being exposed, his electronic bubble is pierced.
>
>I was addressing "SSL might be anathema to the PGP community since it
>depends on a CA model for trust distribution".
>

And I guess what I meant by that was that the PGP community might 
not be happy relying on the PKI/CAs of the world to help PGP counter 
the MITM attack. But in fact the PKI/CAs as they exist today allow 
one to do just that.

Best,

Arnold
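
The verification step the thread keeps coming back to (Bob gets a fingerprint for the key over a second, independently authenticated channel such as an SSL link validated by the certs bundled with his PC, then checks that the key the key server hands him actually has that fingerprint) is shown below as an added example. It is not code from the thread or from any PGP implementation; the key material is a constructed toy RSA modulus used only to exercise the fingerprint arithmetic, and the "trusted fingerprint" is assumed to have arrived over the out-of-band channel. The fingerprint computation follows the OpenPGP v4 rule (SHA-1 over 0x99, a two-octet length, and the public-key packet body).

```python
import hashlib
import hmac
import struct

# Constructed toy key material (NOT a real key, NOT a valid RSA modulus):
# only used here so the packet body has realistic shape. Real keys are
# 2048 bits or more.
TOY_N = 0xD3B2A9F1C4E5D6B7A8F9E0C1D2B3A4F5E6D7C8B9A0F1E2D3C4B5A6F7E8D9C0B1
TOY_E = 65537
TOY_CREATED = 968886573  # constructed key creation time (Unix seconds)

# A second constructed modulus standing in for a key a man-in-the-middle
# would substitute at the key server.
MITM_N = 0xA1B2C3D4E5F60718293A4B5C6D7E8F90ABCDEF0123456789FEDCBA9876543211


def mpi(value: int) -> bytes:
    """Encode an integer as an OpenPGP multi-precision integer:
    two-octet bit length, then the big-endian magnitude."""
    bitlen = value.bit_length()
    return struct.pack(">H", bitlen) + value.to_bytes((bitlen + 7) // 8, "big")


def v4_rsa_public_key_body(n: int, e: int, created: int) -> bytes:
    """Body of a version-4 public-key packet for an RSA key:
    version, 4-octet creation time, algorithm id 1 (RSA), MPI n, MPI e."""
    return b"\x04" + struct.pack(">I", created) + b"\x01" + mpi(n) + mpi(e)


def fingerprint_v4(body: bytes) -> str:
    """OpenPGP v4 fingerprint: SHA-1 over 0x99 || 2-octet length || body."""
    digest = hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body)
    return digest.hexdigest().upper()


def key_id(fingerprint_hex: str) -> str:
    """The long key ID is the low-order 64 bits of the v4 fingerprint."""
    return normalize(fingerprint_hex)[-16:]


def normalize(fingerprint_hex: str) -> str:
    """Accept the usual human spacing/case of a fingerprint."""
    return "".join(fingerprint_hex.split()).upper()


def verify_out_of_band(key_body: bytes, trusted_fingerprint: str) -> bool:
    """Does the key fetched from the key server match the fingerprint Bob
    obtained over a channel the MITM does not control? Constant-time
    comparison so the check itself leaks nothing about the expected value."""
    return hmac.compare_digest(fingerprint_v4(key_body),
                               normalize(trusted_fingerprint))


def demo() -> dict:
    """Walk through the scenario from the thread with constructed data."""
    genuine = v4_rsa_public_key_body(TOY_N, TOY_E, TOY_CREATED)
    # Assumed to have been received over the independently authenticated
    # (e.g. SSL-validated) channel; here simply derived from the genuine key.
    trusted_fp = fingerprint_v4(genuine)

    # What the key server returns in the honest case vs. under a MITM that
    # swapped in its own key for the same user id / creation time.
    from_keyserver_honest = genuine
    from_keyserver_mitm = v4_rsa_public_key_body(MITM_N, TOY_E, TOY_CREATED)

    return {
        "trusted_fingerprint": trusted_fp,
        "key_id": key_id(trusted_fp),
        "honest_key_accepted": verify_out_of_band(from_keyserver_honest, trusted_fp),
        "mitm_key_accepted": verify_out_of_band(from_keyserver_mitm, trusted_fp),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The security point is the independence of the two channels: the key server alone can be impersonated, but the attacker would also need to forge or control the SSL-validated channel (which, as the thread notes, means holding the private half of one of the CA keys already on Bob's PC) to make a substituted key pass this check.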


