[tahoe-dev] SSL samurai attack migration ninjas, film at 11

Olaf TNSB still.another.person at gmail.com
Sat Oct 29 08:07:46 UTC 2011

On 29/10/2011 5:21 PM, "James A. Donald" <jamesd at echeque.com> wrote:
> Do you feel much worse about code with gpg signature that whose key is not
connected to any web of trust, than code that is unsigned?

That's my exact point - there's little (no?) security from a signature or
SSL cert without a WoT.

> Actually an unsigned code signing key is just as good as one connected to
the web of trust, since the main thing that is useful to know is that
version 1.7 is issued by the same people as version 1.6.

"The" Web of Trust?  I think that's missing the point.  The people I trust
are likely to be different to those you trust, so "a" WoT is what is
relevant. So, yes, proof that v1.6 and 1.7 are signed by the same group is
important (and forms a WoT), independent of whether the signing key is in
the strong set (i.e. "The" WoT). I was trying (& I failed!) to point out
that an object with no WoT (i.e. a new, self signed, SSL cert) is pretty
worthless...at least in my mind.

That begs the WAY off-topic question, how do you form a web of trust when
you want to start from scratch and remain anonymous?  Lots of posts to a
security related mailing list?  ;)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://tahoe-lafs.org/pipermail/tahoe-dev/attachments/20111029/9dcf7c07/attachment.html>

More information about the tahoe-dev mailing list