On 06.06.17 18:07, Stefan Claas wrote: > On 06.06.17 04:11, Daniel Kahn Gillmor wrote: >> On Tue 2017-06-06 01:24:43 +0200, Stefan Claas wrote: >>> On 05.06.17 22:26, Daniel Kahn Gillmor wrote: >>>> what does "bullet-proof" mean, specifically? >>> For me it means that the idendicons should be visually easy to read >>> and cryptographically secure. Sorry that i have no better explanation. >> here's one way to try to frame the question: Imagine the situation as a >> game, where you have two players on one team, "defense" named Alice and >> Bob; Alice wants to send a message to Bob. Another player on the >> opposing team, "offense", is named Mallory, is trying to send a message >> to Bob as well, but trying to trick Bob into thinking that the incoming >> message comes from Alice. >> >> The way the game is played, either Alice or Mallory gets to send a >> message. Bob has to decide whether the message actually came from >> Alice. If Bob gets it right, the "defense" wins. If Bob gets it wrong, >> the "offense" wins. The game is played multiple times. >> >> Is that the scenario you're thinking of? If so, does the defense need >> to win 100% of the time over thousands of games? or is it acceptable >> for offense to win occasionally? >> >> In any case question is: how much work does Mallory need to do to get >> Bob to make a mistake? How frequently can Mallory trick Bob into >> accepting mail from her as though it were from Alice? Conversely, how >> many messages that were actually from Alice can Bob accidentally reject >> without making Alice upset enough to give up on the entire >> communications scheme? >> >> > In old times I would say if Bob and Alice don't know each other and they > have no clue how that particular security software works it should be that > the second message send to one person the security software already detects > forgeries and reports that to a person. However, with that thinking it does > not guarantee that Bob knows that Alice is not Eve. Therefore qualified CA's > in my opinion are mandatory where each user in each country has to register > with his/her id-card so that it's guaranteed that Alice is not Eve. > > Regards > Stefan > Correction... instead "has" to register "may register"...
Regards Stefan _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
