ietf
[Top] [All Lists]

Re: PGP security models, was Summary of IETF LC for draft-ietf-dane-openpgpkey

2015-09-24 04:09:00
John R Levine <johnl(_at_)taugh(_dot_)com> wrote:

A straightforward example is that the mail system, through malice or outside
pressure, does an MITM attack on users who have their own keys, so it
publishes a key it controls and re-encrypts mail on the way through to the
user's own key.

The user should notice this since their encrypted mail will appear to come
from their mail provider not from the sender. (PGP signature doesn't
match 822 From:)

Tony.
-- 
f.anthony.n.finch  <dot(_at_)dotat(_dot_)at>  http://dotat.at/
Viking, North Utsire: Easterly 4 or 5, increasing 6 at times. Slight or
moderate, but rough in southwest Viking. Showers later. Good, occasionally
poor later.

<Prev in Thread] Current Thread [Next in Thread>