[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: draft-ietf-openpgp-rfc2440bis-06.txt

On Tue, 2002-09-24 at 16:37, Derek Atkins wrote:
> [...]If the
> attacker controls the keyserver and can remove revocations then
> obviously this doesn't work, but I don't think an attacker can control
> that many data points.

Depending on the attack scenario, it might suffice when one person does
not see a revocation certificate during a limited timeframe (while they
send some vital documents encrypted to the compromised key).

This only requires control of the network connection of one machine for
a specific time. Absolutely feasible.

-- vbi

secure email with gpg                           http://fortytwo.ch/gpg

NOTICE: subkey signature! request key 92082481 from keyserver.kjsl.com

Attachment: signature.asc
Description: This is a digitally signed message part