User ID certificates vs key certificates
Florian Weimer <Florian.Weimer@RUS.Uni-Stuttgart.DE> Tue, 04 September 2001 14:53 UTC
Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA18238 for <openpgp-archive@odin.ietf.org>; Tue, 4 Sep 2001 10:53:44 -0400 (EDT)
Received: by above.proper.com (8.11.6/8.11.3) id f84EgwO13323 for ietf-openpgp-bks; Tue, 4 Sep 2001 07:42:58 -0700 (PDT)
Received: from mercury.rus.uni-stuttgart.de (mercury.rus.uni-stuttgart.de [129.69.1.226]) by above.proper.com (8.11.6/8.11.3) with ESMTP id f84EguD13314 for <ietf-openpgp@imc.org>; Tue, 4 Sep 2001 07:42:57 -0700 (PDT)
Received: from rusfw by mercury.rus.uni-stuttgart.de with local (Exim 3.22 #1) id 15eHP8-0008Gv-00 for ietf-openpgp@imc.org; Tue, 04 Sep 2001 16:42:18 +0200
To: ietf-openpgp@imc.org
Subject: User ID certificates vs key certificates
From: Florian Weimer <Florian.Weimer@RUS.Uni-Stuttgart.DE>
Date: Tue, 04 Sep 2001 16:42:18 +0200
Message-ID: <tgheujaugl.fsf@mercury.rus.uni-stuttgart.de>
Lines: 28
User-Agent: Gnus/5.090001 (Oort Gnus v0.01) Emacs/20.7
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
Sieuwert van Otterloo's paper, 'A security analysis of PGP'
(http://www.bluering.nl/pgp/pgp.ps), describes a more general problem in
a few OpenPGP implementations (but fails to state that it affects most
OpenPGP implementations, not only NAI PGP 5.x to 7.x): OpenPGP defines
certificates as (public key, user ID) pairs, but most implementations
tend to present 'key certificates', and the mapping from the former to
the latter often leaves something to be desired (especially with PGP
2.6.x, but GnuPG, too, is not yet perfect).

For example, PGP 2.6.3in prints the following messages for a valid
signature created with the key below:

Good signature from user "bad test key".
Signature made 2001/09/04 13:52 GMT using 1024-bit key, key ID E2BB3EE5

However, only the 'good test key' user ID is certified:

pub  1024R/E2BB3EE5 2001-09-04 bad test key
sig        E2BB3EE5 2001-09-04 bad test key
uid                            good test key
sig        C06EC3B5 2001-09-04 Florian Weimer #RC=no RA=RUS CR=own# <Florian.Weimer@rus.uni-stuttgart.de>
sig        E2BB3EE5 2001-09-04 bad test key

-- 
Florian Weimer                    Florian.Weimer@RUS.Uni-Stuttgart.DE
University of Stuttgart           http://cert.uni-stuttgart.de/
RUS-CERT                          +49-711-685-5973/fax +49-711-685-5898
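The distinction the message draws, between reporting the key's primary user ID ("key certificate" view) and reporting only user IDs that actually carry a trusted certification ("user ID certificate" view), can be shown with a small model. The following is an added example, not code from the message or from any OpenPGP implementation; it models the key listing quoted above as constructed data, uses a deliberately simplified trust model (any certification by a key in a trusted set counts as valid, self-signatures are ignored), and the class and function names are the example's own.

```python
from dataclasses import dataclass, field


@dataclass
class Certification:
    """One certification signature on a (key, user ID) pair."""
    signer_key_id: str   # key ID of the key that issued the certification
    date: str


@dataclass
class UserID:
    name: str
    certifications: list = field(default_factory=list)


@dataclass
class PublicKey:
    key_id: str
    user_ids: list = field(default_factory=list)

    def primary_user_id(self):
        # Many implementations treat the first listed user ID as primary.
        return self.user_ids[0].name


# Constructed from the key listing in the message: key E2BB3EE5 has two
# user IDs. "bad test key" carries only a self-signature; "good test key"
# carries a self-signature and a certification by C06EC3B5.
TEST_KEY = PublicKey(
    key_id="E2BB3EE5",
    user_ids=[
        UserID("bad test key", [Certification("E2BB3EE5", "2001-09-04")]),
        UserID("good test key", [Certification("E2BB3EE5", "2001-09-04"),
                                 Certification("C06EC3B5", "2001-09-04")]),
    ],
)


def certified_user_ids(key, trusted_signers):
    """Return the user IDs for which a (key, user ID) certificate from a
    trusted signer exists. A self-signature only binds the user ID to the
    key; it says nothing about whether that binding should be believed,
    so it is excluded. Simplified trust model (an assumption of this
    example): any certification by a key in trusted_signers is enough."""
    certified = []
    for uid in key.user_ids:
        for cert in uid.certifications:
            if cert.signer_key_id == key.key_id:
                continue  # self-signature, not evidence of validity
            if cert.signer_key_id in trusted_signers:
                certified.append(uid.name)
                break
    return certified


def naive_signature_report(key):
    """'Key certificate' view: names the primary user ID regardless of
    which user IDs are certified. This reproduces the kind of message
    PGP 2.6.3in printed for the key quoted in the mail."""
    return f'Good signature from user "{key.primary_user_id()}".'


def user_id_aware_report(key, trusted_signers):
    """'User ID certificate' view: names only user IDs that carry a
    certification from a trusted signer, and says so when none do."""
    uids = certified_user_ids(key, trusted_signers)
    if not uids:
        return f'Good signature from key {key.key_id}, but no certified user ID.'
    return 'Good signature from user ' + ', '.join(f'"{u}"' for u in uids) + '.'


if __name__ == "__main__":
    trusted = {"C06EC3B5"}  # the certifying key from the listing
    print("naive: ", naive_signature_report(TEST_KEY))
    print("aware: ", user_id_aware_report(TEST_KEY, trusted))
    print("aware, nothing trusted: ", user_id_aware_report(TEST_KEY, set()))
```

With C06EC3B5 trusted, the naive report still attributes the signature to "bad test key", while the user-ID-aware report names "good test key" only; with no trusted signers at all, the aware report refuses to name any user ID, which is the behaviour a verifier should fall back to rather than printing an uncertified name.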