Vulnerability Development mailing list archives

Re: Keyservers Cross Site Scripting (When CSS Gets Dangerous)


From: Len Sassaman <rabbi () quickie net>
Date: Tue, 23 Apr 2002 23:26:32 -0700 (PDT)

On Sat, 20 Apr 2002, Noam Rathaus wrote:

> A security vulnerability in the way the server returns results of key
> queries allows attackers to insert malicious code into existing replies.
> This is of particular danger when it comes to keyservers, since the key
> information itself is usually considered as highly trustworthy.

While I'm not attempting to discount the fact that this is a serious flaw
in OKS, and that the lack of vendor action is disturbing, I do have to
point out that the above claim is, in fact, incorrect.

Key information on key servers is usually considered highly
*untrustworthy.* Key servers are public repositories that exist to make
the sharing of public keys easier. A key's existence on a key server does
not imply it is trustworthy.

There is, first of all, no method in most key servers for authenticating
that a given key belongs to the person whose name or email address it
bears. Additionally, issues like the 0xDEADBEEF attack, the fact that
unauthorized user-ids can be munged onto a legitimate key without the
owner's permission, etc., make it *essential* that a user not trust the
key servers. Direct fingerprint verification and web of trust analysis are
key.

Key servers are central points for collating signatures to help propagate
the web of trust. If you fail to realize this, or how the web of trust
works, PGP will provide you with very little security.


--Len.
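One way to carry out the direct fingerprint verification Len recommends, as an added example that is not part of this thread or of any key server or PGP implementation: it builds a constructed toy version 4 public-key packet, computes its OpenPGP fingerprint (RFC 4880 §12.2), and accepts a key fetched from a key server only when the full 160-bit fingerprint matches one obtained out of band, making visible that the 32-bit "0xDEADBEEF" key ID is just the last four bytes of that fingerprint. The key material, timestamp and packet framing are all constructed for the example.

```python
import hashlib
import hmac
import struct

def mpi(value):
    # RFC 4880 §3.2 multiprecision integer: 2-octet bit length, then big-endian magnitude
    bits = value.bit_length()
    return struct.pack(">H", bits) + value.to_bytes((bits + 7) // 8, "big")

def build_v4_rsa_pubkey_packet(creation_time, n, e):
    # New-format Public-Key packet (tag 6) with a version 4 body; toy values, not a real key
    body = b"\x04" + struct.pack(">I", creation_time) + b"\x01" + mpi(n) + mpi(e)
    if len(body) >= 192:
        raise ValueError("one-octet length only; keep the toy key small")
    return bytes([0xC0 | 6, len(body)]) + body

def parse_packet(packet):
    # Returns (tag, body) for one new-format packet with a one-octet length header
    if packet[0] & 0xC0 != 0xC0 or packet[1] >= 192:
        raise ValueError("unsupported packet header for this example")
    tag, length = packet[0] & 0x3F, packet[1]
    return tag, packet[2:2 + length]

def v4_fingerprint(packet):
    # RFC 4880 §12.2: SHA-1 over 0x99, the two-octet body length, and the public-key body
    tag, body = parse_packet(packet)
    if tag != 6 or body[:1] != b"\x04":
        raise ValueError("expected a version 4 public-key packet")
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).digest()

def long_key_id(packet):
    return v4_fingerprint(packet)[-8:]  # low 64 bits of the fingerprint

def short_key_id(packet):
    return v4_fingerprint(packet)[-4:]  # low 32 bits (the 0xDEADBEEF form): far too short to identify a key

def format_fingerprint(fpr):
    # Same 4-hex-digit grouping as gpg --fingerprint, for reading a fingerprint over the phone or off a card
    h = fpr.hex().upper()
    return " ".join(h[i:i + 4] for i in range(0, 40, 4))

def verify_fetched_key(packet, expected_fingerprint):
    # A key pulled from a key server is accepted only if its full fingerprint equals one obtained out of band
    expected = bytes.fromhex(expected_fingerprint.replace(" ", ""))
    return len(expected) == 20 and hmac.compare_digest(v4_fingerprint(packet), expected)

# Constructed toy key: 64-bit modulus and arbitrary creation time, not a usable RSA key
TOY_KEY = build_v4_rsa_pubkey_packet(1019606400, 0xC0FFEE1234567891, 65537)

if __name__ == "__main__":
    fpr = v4_fingerprint(TOY_KEY)
    print("fingerprint  :", format_fingerprint(fpr))
    print("long key id  : 0x" + long_key_id(TOY_KEY).hex().upper())
    print("short key id : 0x" + short_key_id(TOY_KEY).hex().upper())
```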

