ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: PGP security models, was Summary of IETF LC for draft-ietf-dane-openpgpkey

2015-09-24 04:09:00
from [Tony Finch] [Permanent Link] 
John R Levine <johnl(_at_)taugh(_dot_)com> wrote:


A straightforward example is that the mail system, through malice or outside
pressure, does an MITM attack on users who have their own keys, so it
publishes a key it controls and re-encrypts mail on the way through to the
user's own key.


The user should notice this since their encrypted mail will appear to come
from their mail provider not from the sender. (PGP signature doesn't
match 822 From:)

Tony.
-- 
f.anthony.n.finch  <dot(_at_)dotat(_dot_)at>  http://dotat.at/
Viking, North Utsire: Easterly 4 or 5, increasing 6 at times. Slight or
moderate, but rough in southwest Viking. Showers later. Good, occasionally
poor later.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RFC content history ( Re: Last Call: <draft-farrresnickel-harassment-08.txt> (IETF Anti-Harassment Procedures) to Best Current Practice), Dave Crocker
Next by Date:  Re: Last Call: <draft-ietf-lwig-ikev2-minimal-02.txt> (Minimal IKEv2) to Informational RFC (fwd), Tero Kivinen
Previous by Thread:  Re: PGP security models, was Summary of IETF LC for draft-ietf-dane-openpgpkey, John R Levine
Next by Thread:  Re: PGP security models, was Summary of IETF LC for draft-ietf-dane-openpgpkey, Simon Josefsson
Indexes:  [Date] [Thread] [Top] [All Lists]