ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [openpgp] Followup on fingerprints

2015-08-04 16:12:51
from [Daniel Kahn Gillmor] [Permanent Link] 
On Mon 2015-08-03 23:32:15 -0400, Phillip Hallam-Baker wrote:

The attack is to confuse someone's perl hack into letting someone get away
with something they should not.


This seems like an insufficiently specified attack to me.  The same
"someone" controls both (fingerprint-collided) keys anyway, so even if
there's a "perl hack" involved, that someone is already authorized,
right?

can you please describe a more detailed attack scenario?

    --dkg

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [openpgp] Followup on fingerprints, Vincent Breitmoser
Next by Date:  Re: [openpgp] Followup on fingerprints, Daniel Kahn Gillmor
Previous by Thread:  Re: [openpgp] Followup on fingerprints, Phillip Hallam-Baker
Next by Thread:  Re: [openpgp] Followup on fingerprints, Werner Koch
Indexes:  [Date] [Thread] [Top] [All Lists]