[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] nokeyserver annotation
|
From: |
Kristian Fiskerstrand |
|
Subject: |
Re: [Sks-devel] nokeyserver annotation |
|
Date: |
Tue, 20 Dec 2016 19:51:04 +0100 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.5.1 |
On 12/20/2016 07:41 PM, Daniel Kahn Gillmor wrote:
> scenario (a) doesn't matter -- the keyservers simply won't propagate
> that modified cert, which is fine, because it's not actually Alice's
> self-sig anyway.
How wouldn't this matter? If you can trick a user into importing a
package that hinders distribution of the keyblock , and then later on
the user revokes the keyblock and believes it gets uploaded to keyserver
with the modified packet but at that point it is rejected?
--
----------------------------
Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
----------------------------
Quidquid latine dictum sit, altum videtur.
Anything said in Latin sounds profound
signature.asc
Description: OpenPGP digital signature
Re: [Sks-devel] nokeyserver annotation, Kiss Gabor (Bitman), 2016/12/20
Re: [Sks-devel] nokeyserver annotation, Daniel Kahn Gillmor, 2016/12/20
Re: [Sks-devel] nokeyserver annotation, Kim Minh Kaplan, 2016/12/22