On Friday, 20 January 2012, 21:15:29, Chris Poole wrote:
> The encryption and signing is still being done by the subkeys, so is
> it simply that they're signed by the parent 1024-bit key, and this key
> is easier to fake?

Yes. If the main key is compromised then

a) certifications for other keys can be forged (of course, anyone being attacked by that could see that the key whose certification he is going to rely on is that short)

b) new subkeys for that key can be created

If the attacker is capable of a man-in-the-middle attack then he can send the compromised key when the attacked person makes a keyserver update. This way no one would notice the manipulation (not even the key owner when checking what's on the keyservers). Afterwards data would be encrypted to the wrong key and signatures by the attacker's subkey would be accepted.

Another attack scenario is that the whole key can be revoked when you need it. People do not send you important, urgent information because they do not have a valid key to encrypt to. Or you have to sign something in time but do not have a key which is accepted by the recipient.

Hauke
--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
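Added example, not part of the original message: a check a key user could run to notice the manipulations described above (a subkey that appears after a keyserver update, or a primary key that turns up revoked) by comparing `gpg --with-colons --list-keys` output saved before and after the refresh. The listings, the key IDs and the 2048-bit threshold are constructed assumptions.

```python
# Added example: diff two saved `gpg --with-colons --list-keys KEYID` listings.
# BEFORE/AFTER are constructed samples; key IDs are placeholders.
BEFORE = """\
pub:f:1024:17:1111111111111111:1104537600:::-:::scSC:
sub:f:2048:1:2222222222222222:1104537600::::::e:
"""
AFTER = BEFORE + "sub:f:2048:1:3333333333333333:1326000000::::::e:\n"


def parse_colons(listing):
    """Return (primary, subkeys-by-keyid) from colon-format output for one key."""
    primary, subkeys = None, {}
    for line in listing.splitlines():
        f = line.split(":")
        if f[0] not in ("pub", "sub") or len(f) < 12:
            continue  # uid, fpr and other record types are not needed here
        rec = {"validity": f[1], "bits": int(f[2]), "keyid": f[4],
               "created": f[5], "caps": f[11]}
        if f[0] == "pub":
            primary = rec
        else:
            subkeys[rec["keyid"]] = rec
    return primary, subkeys


def audit_refresh(before, after, min_bits=2048):
    """List changes worth verifying out-of-band; min_bits is an assumed policy."""
    old_pri, old_subs = parse_colons(before)
    new_pri, new_subs = parse_colons(after)
    findings = []
    if new_pri["bits"] < min_bits:
        findings.append(f"primary {new_pri['keyid']} is only {new_pri['bits']} bits")
    if new_pri["validity"] == "r" and old_pri["validity"] != "r":
        findings.append(f"primary {new_pri['keyid']} revoked since last snapshot")
    for keyid in sorted(set(new_subs) - set(old_subs)):
        sub = new_subs[keyid]
        findings.append(f"new subkey {keyid} caps={sub['caps']} created={sub['created']}")
    return findings


if __name__ == "__main__":
    for finding in audit_refresh(BEFORE, AFTER):
        print(finding)
```

A new subkey can also be the owner's own rotation, so a finding is a prompt to confirm the fingerprint with the key owner over another channel.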