https - hopefully not too stupid a question
alec.muffett at gmail.com
Sun Jun 17 14:01:55 BST 2012
On 17 Jun 2012, at 09:48, Roger Hayter wrote:
> Another naive question I am afraid: If an organisation published a suitable key in the newspapers and the organisation itself avoided legal or illegal state penetration of its private information, would that enable individuals to set up secure two way communication with said organisation regardless of any MITM?
Yes and no, depends on your threat model and paranoia level, as well as software implementations.
In short you have to define what you mean by "secure" in this context - otherwise we can do the James Bond thing (give you newspapers with bogus certificates) or the repressive state thing (torture you for merely connecting to [ENTITY] regardless of what you communicated).
But assuming a non-torturing western liberal democracy and your not being interesting enough to make it worth faking all your data sources, then yes this is kinda possible, so long as the software supports it.
Most browsers don't support it on the basis that it's complicated and only paranoiacs would want to do this. Alas.
PGP is _based_ on this principle, however; plus the "web of trust"; and SSH implements what is now called the TOFU (Trust On First Use) model, which attempts to guarantee that next time you return to a site it will be the same one to which you've previously connected, which is almost the same as your scenario.
More information about the ukcrypto