To: tor-talk@lists.torproject.org
References: <CAD--ZDVZECJ+gcx5MF51VTJ97pMzzROSVrDmpR7L1F-_hOF1OA@mail.gmail.com>
From: Mirimir <mirimir@riseup.net>
Message-ID: <56C71462.2080600@riseup.net>
Date: Fri, 19 Feb 2016 06:10:58 -0700
MIME-Version: 1.0
In-Reply-To: <CAD--ZDVZECJ+gcx5MF51VTJ97pMzzROSVrDmpR7L1F-_hOF1OA@mail.gmail.com>
Subject: Re: [tor-talk] PGP and Signed Messages,

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/19/2016 05:34 AM, Nathaniel Suchy wrote:
> I've noticed a lot of users of Tor use PGP. With it you can encrypt
> or sign a message. However how do we know a key is real? What would
> stop me from creating a new key pair and uploading it to the key
> servers? And from there spoofing identity?

Yes, you could create a key with user ID mirimir (mirimir@riseup.net).
And you could share it with others, pretending to be me. But email to
mirimir@riseup.net goes to me, not to you, and I'd be unable to read
it. So I'd probably reply, attaching my public key. I could also
download the fake key, and alert the sender.

But Riseup could do that, and also filter out messages going to their
fake key. Adversaries that could MitM Riseup's connections with other
mailservers could also manage that.

But correspondents who bothered to check https://keybase.io/mirimir
could determine whether or not they have the right key for me. In
order to change keys, an adversary would need to make coordinated
changes to four online accounts and the VM that I'm using. Possible?
Sure. But not so easy.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

-----END PGP SIGNATURE-----
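
Added example, not part of the original message: the user ID on an OpenPGP key is free text chosen by whoever generates it, so the check described above comes down to comparing the key's fingerprint with copies published on independent channels. The sketch computes RFC 4880 version 4 fingerprints for two constructed keys that carry the same user ID; the user ID, channel names, and toy key values are assumptions made for illustration.

```python
import hashlib
import struct

def mpi(value):
    """OpenPGP multiprecision integer: 2-byte bit count, then big-endian bytes."""
    bits = value.bit_length()
    return struct.pack(">H", bits) + value.to_bytes((bits + 7) // 8, "big")

def rsa_key_body(created, n, e=65537):
    """Body of a version 4 RSA public-key packet (RFC 4880, section 5.5.2)."""
    return bytes([4]) + struct.pack(">I", created) + bytes([1]) + mpi(n) + mpi(e)

def fingerprint(body):
    """V4 fingerprint: SHA-1 over 0x99, 2-byte body length, body (RFC 4880, 12.2)."""
    data = b"\x99" + struct.pack(">H", len(body)) + body
    return hashlib.sha1(data).hexdigest().upper()

def vet_key(claimed_uid, body, published):
    """Check a downloaded key against fingerprints published on other channels.

    The user ID is reported but never used for the decision, because whoever
    generates a key chooses its user ID freely.
    """
    fpr = fingerprint(body)
    agree = sorted(ch for ch, f in published.items()
                   if f.replace(" ", "").upper() == fpr)
    disagree = sorted(set(published) - set(agree))
    return {"uid": claimed_uid, "fingerprint": fpr, "agree": agree,
            "disagree": disagree, "trusted": bool(agree) and not disagree}

# Constructed sample data: toy integers stand in for RSA moduli (not real keys).
UID = "Alice Example <alice@example.org>"
GENUINE = rsa_key_body(1400000000, (1 << 2047) + 0x1234567)
IMPOSTOR = rsa_key_body(1455000000, (1 << 2047) + 0x7654321)

# Hypothetical channels where the owner posted the fingerprint.
CHANNELS = ("website", "social-profile", "code-hosting", "dns-record")
PUBLISHED = {ch: fingerprint(GENUINE) for ch in CHANNELS}
# One channel taken over by whoever made the impostor key.
ONE_HIJACKED = dict(PUBLISHED, **{"dns-record": fingerprint(IMPOSTOR)})

if __name__ == "__main__":
    for label, body, pub in (("genuine", GENUINE, PUBLISHED),
                             ("impostor", IMPOSTOR, PUBLISHED),
                             ("impostor, one channel hijacked", IMPOSTOR, ONE_HIJACKED)):
        r = vet_key(UID, body, pub)
        print(label, r["fingerprint"], "trusted" if r["trusted"] else "REJECTED",
              "disagree:", r["disagree"])
```

Any disagreement between channels is treated as a reason to stop and ask the key owner, which is why a single altered channel is not enough to get a substituted key accepted.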

