[Enigmail] Hello Enigmail, new user here!
Phil Stracchino
alaric at metrocast.net
Mon Mar 10 15:20:58 PDT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Robert J. Hansen wrote:
| Phil and Olav have given you answers that look contradictory. They're
| not. Both answers are correct _within their particular threat model_.
|
| A threat model is a description of what sorts of attacks you believe
| you're likely to encounter. Phil believes MitM attacks are unlikely to
| be used against him;
Well, actually, no, I didn't say that. What I said was that an active
attack of whatever form - be it MitM, website spoofing, compromising a
known webserver, or whatever - requires more effort and sophistication
than simply posting a key falsely purported to be mine to the keyserver
network. Any idiot can post a false key with my userid attached to it;
no particular skill or technical knowledge is required.
- --
~ Phil Stracchino, CDK#2 ICBM: 43.5607, -71.355
~ Renaissance Man, Unix ronin, Perl hacker, Free Stater
~ alaric at caerllewys.net alaric at metrocast.net
~ It's not the years, it's the mileage.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFH1bRK0DfOju+hMkkRCNYRAJ4+acXk7JRalwBUv66rpS09C9fZZwCgiMbx
H7Jgntt+GBSDftW7+pQTKh4=
=tXTi
-----END PGP SIGNATURE-----
More information about the Enigmail
mailing list