From emailselfdefense.fsf.org:

Be wary of invalid keys

GnuPG makes email safer, but it's still important to watch out for invalid keys, which might have fallen into the wrong hands. Email encrypted with invalid keys might be readable by surveillance programs.

In your email program, go back to the first encrypted email that Edward sent you. Because Edward encrypted it with your public key, it will have a message from Enigmail at the top, which most likely says "Enigmail: Part of this message encrypted."

When using GnuPG, make a habit of glancing at that bar. The program will warn you there if you get an email encrypted with a key that can't be trusted.

What exactly are invalid keys? Are these keys that have been revoked?

marmistrz

1 Answer

What exactly are invalid keys?

Everybody can create OpenPGP keys with arbitrary user IDs: search the key server network for president@whitehouse.gov, and chances are high that not a single one actually belongs to a former or current president of the United States.

This is because of the distributed and non-centralized character of the OpenPGP web of trust. There is no single entity (or group of entities) issuing trust or verifying identities; this is performed by recursively extending your personal verified view on the web of trust by validating signatures. Especially important to know is that key servers do not perform any kind of identity validation: you have to verify any keys fetched from the key server network!

I do not consider "invalid keys" a good description of the matter here: calling them "fake", "malicious" and "untrustworthy" would probably be the better description.

Are these keys that have been revoked?

Rather not. If they're issued by some attacker, he will not revoke the keys but make sure to keep them active.

Jens Erat
  • The link is broken – marmistrz Sep 28 '16 at 21:02
  • The quote reads: `fallen into the wrong hands`. I think it is not talking about fakes. Instead it is referring to private keys that have been compromised. A fake key would have never fallen into wrong hands because it has never been in the right hands in the first place. – grochmal Sep 28 '16 at 22:00
  • It seems I read over that sentence. Adding this, I don't consider that the whole section makes any sense at all. For sure you have to consider "keys fallen into the wrong hands", but you will neither recognize them by looking at the first mail you received encrypted (they did not even mention signed!), nor will GnuPG do so by warning you about untrusted keys. That bar _will_ warn you in case of unknown or _fake keys_, but that's it. – Jens Erat Sep 30 '16 at 18:40
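The distinction drawn in the answer and comments (unknown or fake keys that GnuPG warns about, versus revoked keys, versus compromised keys it cannot detect) is visible in the validity field of `gpg --list-keys --with-colons` output. The following is an added example, not from the original question or answer; the key records it parses are constructed sample data, not a real keyring.

```python
"""Classify keys by GnuPG's validity field (field 2 of pub:/uid: records in
--with-colons output, documented in GnuPG's doc/DETAILS). The sample records
below are constructed for this example; key IDs and fingerprints are fake."""

# Validity letters GnuPG emits in field 2 of pub:/uid: records.
VALIDITY = {
    "u": "ultimate", "f": "full", "m": "marginal", "q": "undefined",
    "-": "unknown", "n": "never", "r": "revoked", "e": "expired",
    "i": "invalid", "d": "disabled", "o": "unknown-new",
}
TRUSTED = {"u", "f"}  # only these validities are used without a warning

SAMPLE = """\
tru::1:1600000000:0:3:1:5
pub:u:4096:1:0123456789ABCDEF:1600000000:::u:::scESC::::::23::0:
uid:u::::1600000000::0000000000000000000000000000000000000000::Alice (constructed, own key) <alice@example.org>::::::::::0:
pub:-:4096:1:FEDCBA9876543210:1600000000:::-:::scESC::::::23::0:
uid:-::::1600000000::1111111111111111111111111111111111111111::Bob (constructed, fetched from a key server, unverified) <bob@example.org>::::::::::0:
pub:r:2048:1:0F0F0F0F0F0F0F0F:1500000000:::-:::sc::::::23::0:
uid:r::::1500000000::2222222222222222222222222222222222222222::Carol (constructed, revoked) <carol@example.org>::::::::::0:
"""

def parse_keys(colon_output):
    """Return one dict per pub: record with its key ID, validity and first user ID."""
    keys, current = [], None
    for line in colon_output.splitlines():
        fields = line.split(":")
        if fields[0] == "pub":
            current = {"keyid": fields[4], "validity": fields[1], "uid": ""}
            keys.append(current)
        elif fields[0] == "uid" and current is not None and not current["uid"]:
            current["uid"] = fields[9]
    return keys

def classify(key):
    """What a mail client's status bar can honestly say about this key."""
    v = key["validity"]
    if v in TRUSTED:
        # Note: a compromised but unrevoked key looks exactly like this one;
        # validity says who certified the key, not who currently holds it.
        return "trusted"
    if v == "r":
        return "revoked"      # the holder withdrew it; attackers' fakes stay active
    return "untrusted"        # unknown/unsigned: nothing ties it to the claimed owner

def report(colon_output):
    return {k["keyid"]: classify(k) for k in parse_keys(colon_output)}

if __name__ == "__main__":
    for k in parse_keys(SAMPLE):
        print(f"{k['keyid']} {classify(k):9} {VALIDITY[k['validity']]:9} {k['uid']}")
```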