[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Requiring self-signed uids? (was Re: PoP & Signer's User ID subpacket?)

Hash: SHA1

On Thu, Jul 17, 2003 at 03:20:26PM -0700, Len Sassaman wrote:
> On Mon, 14 Jul 2003, David Shaw wrote:
> > > I think there is value in requiring uids to be self-signed.  To allow
> > > encrypt-only top-level keys, one has to make a special case.  Given
> > > that they are only very limitedly useful, I'd rather not have the
> > > special case.
> >
> > Keep in mind that this renders valid 2440 keys invalid under 2440bis.
> > I can't imagine why we'd do such a thing just to gain the ability to
> > require self-signed user IDs.  To be honest, I've never seen an
> I am surprised that there have not been widespread attacks on OpenPGP keys
> as a result of the permitted non-self-signed UIDs. I think this really
> must be fixed. (And for users to add self-signatures to their existing
> unsigned uids is trivial.)

No question.  I just object to tying the self-signature fix to
removing encrypt-only keys.  It's my own fault since I mentioned them
together, but I was wrong.  There is no need to tie the two together.

> > Note that GnuPG doesn't have any special support for encrypt-only
> > primary keys, but because of the nice general design of v4 keys, where
> > any key (primary or subkey) can be of any type, encrypt-only primaries
> > work just fine.  I don't have a copy of PGP handy (I'm traveling), but
> > I suspect that they'll "just plain work" in PGP as well.  My point
> > here is that it would take additional code and additional complexity
> > to *prevent* encrypt-only primaries from working... so why mess around
> > with this, especially since there is no security-related reason for
> > it?
> Simplicity is a good reason, as is the robustness of the OpenPGP system.

I'm afraid I don't understand your response.  Simplicity is a good
reason to add complexity? (??)

Version: GnuPG v1.2.3rc1 (GNU/Linux)
Comment: Key available at http://www.jabberwocky.com/david/keys.asc