At 10:33 AM 8/27/00 -0400, Arnold G. Reinhold wrote:
>How hard would it be to filter the public key servers for unsigned 
>ADKs and either notify the keyowner or just remove the unsigned ADKs? 
>The cert containing the unsigned ADK could be moved to a separate key 
>server, equipped with suitable warnings, so the forensic record would 
>be preserved.

The philosophy of the keyservers is that they only provide distribution
and convenience - the security of using PGP comes from signatures.
If we've lost the security of the PGP signature system, at least for DH keys,
then perhaps they can help, but that doesn't tell you if there are
already-distributed keys containing ADKs.  

ADK-infected PGP keys can still be used for signatures and keysigning,
just not for encryption keys.  Fortunately, the RSA patent expires 
Real Soon Now, so we could start widely redeploying RSA keys.
(Unfortunately, the old-style RSA keys had format bugs too,
and they use MD5 which is moribund.)

The real question is whether somebody will hack the keyservers
to eat ADK keys before or after somebody downloads all the DH keys,
adds ADK keys to them, updates the servers, and threatens to publish....
                                Thanks! 
                                        Bill
Bill Stewart, [EMAIL PROTECTED]
PGP Fingerprint D454 E202 CBC8 40BF  3C85 B884 0ABE 4639
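
Added example, not part of the original message: one way to do the filtering asked about above, reading "unsigned ADK" as an ADK subpacket (type 10) sitting in the unhashed area of a version 4 signature, which the signature does not cover. The function names and sample bytes are constructed for illustration, and the input is assumed to be a signature packet body with the packet header already stripped.

```python
import struct

ADK_SUBPACKET = 10  # RFC 2440 calls type 10 a placeholder; PGP used it for the ADK

def iter_subpackets(area):
    """Yield the type of each subpacket in a signature subpacket area."""
    i = 0
    while i < len(area):
        first = area[i]
        if first < 192:                      # one-octet length
            length, i = first, i + 1
        elif first < 255:                    # two-octet length
            if i + 2 > len(area):
                raise ValueError("truncated subpacket length")
            length, i = ((first - 192) << 8) + area[i + 1] + 192, i + 2
        else:                                # five-octet length
            if i + 5 > len(area):
                raise ValueError("truncated subpacket length")
            length, i = struct.unpack(">I", area[i + 1:i + 5])[0], i + 5
        if length == 0 or i + length > len(area):
            raise ValueError("malformed subpacket")
        yield area[i] & 0x7F                 # strip the critical bit
        i += length

def adk_locations(sig_body):
    """List 'hashed'/'unhashed' once per ADK subpacket in a v4 signature body."""
    if len(sig_body) < 8 or sig_body[0] != 4:
        raise ValueError("not a version 4 signature body")
    h_end = 6 + struct.unpack(">H", sig_body[4:6])[0]
    if h_end + 2 > len(sig_body):
        raise ValueError("hashed area overruns packet")
    u_start = h_end + 2
    u_end = u_start + struct.unpack(">H", sig_body[h_end:u_start])[0]
    if u_end > len(sig_body):
        raise ValueError("unhashed area overruns packet")
    areas = (("hashed", sig_body[6:h_end]), ("unhashed", sig_body[u_start:u_end]))
    return [name for name, area in areas
            for t in iter_subpackets(area) if t == ADK_SUBPACKET]

# Constructed sample data (not real keys): subpacket and signature-body builders.
def make_sub(sp_type, data):
    return bytes([len(data) + 1, sp_type]) + data
def make_sig(hashed, unhashed):
    return (bytes([4, 0x13, 17, 2]) + struct.pack(">H", len(hashed)) + hashed
            + struct.pack(">H", len(unhashed)) + unhashed + b"\x00\x00")

CTIME, ISSUER = make_sub(2, b"\x39\xa9\x00\x00"), make_sub(16, b"\x11" * 8)
ADK = make_sub(10, b"\x80\x10" + b"\xaa" * 20)   # class, algorithm, 20-byte fingerprint
SIGNED_ADK = make_sig(CTIME + ADK, ISSUER)       # ADK covered by the signature
UNSIGNED_ADK = make_sig(CTIME, ISSUER + ADK)     # ADK appended outside the signed data
```

A keyserver-side filter would flag any self-signature for which adk_locations() reports "unhashed"; a result of "hashed" means the key owner's signature covers the ADK.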
