Question for SImnon (was ID Card Fail)
Charles Lindsey
chl at clerew.man.ac.uk
Tue Aug 11 11:24:30 BST 2009
On Mon, 10 Aug 2009 14:21:04 +0100, Ian Batten <igb at batten.eu.org> wrote:
> On Mon, August 10, 2009 12:00, Nicholas Bohm wrote:
>>
>> An uncomplicated solution would be to put the public key on a sensibly
>> labelled URL and publish the key fingerprint at intervals in the London
>> Gazette to give a reasonable assurance of genuineness.
>
> What's the current thinking on the ability of a miscreant to produce a
> key
> that he controls whose public key has a specified fingerprint?
Exceedingly difficult, I should hope.
Since otherwise all current Public Key Cryptography (certainly for
authentication purposes) is already worthless.
(One assumes some reasonable level of cryptographic competence in the
setting up the sysyem, of course).
--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Web: http://www.cs.man.ac.uk/~chl
Email: chl at clerew.man.ac.uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
More information about the ukcrypto
mailing list