MITM evasion

Jay Campbell edge at got.net
Wed Oct 11 02:52:20 PDT 1995 

The message below (posted earlier today) caught my attention - I believe it
is a (fake?) MITM-generated message, because Tim's sig file has changed
recently (new domain name (got.net) and a disclaimer was added). The sig
attached to this anonymous message is at least a month out of date.

Even if this isn't just a mistake, it's not a true MITM attack, since this
is a third party /not/ between Tim and toad.com ... more of a spoof.

Do I win anything?

>Return-Path: owner-cypherpunks at toad.com
>Date: Wed, 11 Oct 1995 09:55:07 +0100
>Subject: MITM evasion
>To: cypherpunks at toad.com
>Subject: MITM evasion
>From: anon-remailer at utopia.hacktic.nl (Anonymous)

       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

>Organization: Hack-Tic International, Inc.
>Comments: Hack-Tic may or may not approve of the content of this posting
>Comments: Please report misuse of this automated remailing service to
<postmaster at utopia.hacktic.nl>
>Sender: owner-cypherpunks at toad.com
>
>Two years ago, I pointed out that getting a single message past
>the man in the middle isn't good enough; you have to convince your

                                 Unconvinced, for one ^^^^^^^^

>readers that the key they received on one channel is more accurate
>than the key they're receiving on all the other channels.
>But if they'll believe that, they may also believe the man in the middle's
>announcement that the key in your name on all the keyservers is
>wrong, and the correct key is the one he's putting out.
>Can't win either way, but it's still important to get the key out.
>
>My current key is 0x54696D4D; the fingerprint is 
>4D 65 44 75 53 61 21 2F   41 73 55 64 85 6D 21 7F.

This key isn't registered with the MIT keyserver; not proof in any sense,
but worth mentioning.

>
>..........................................................................
>Timothy C. May         | Crypto Anarchy: encryption, digital money,
>tcmay at sensemedia.net   | anonymous networks, digital pseudonyms, zero
>408-728-0152           | knowledge, reputations, information markets,
>Corralitos, CA         | black markets, collapse of governments.
>Higher Power: 2^756839 | Public Key: PGP and MailSafe available.
>"National borders are just speed bumps on the information superhighway."
>
>
--
   Jay Campbell   Regional Operations Manager
   -=-=-=-=-=-=-  Sense Networking (Santa Cruz Node) 
   edge at got.net   MIT PGP KeyID 0xACAE1A89           
 
"On the Information Superhighway, I'm the guy 
  behind you in this morning's traffic jam leaning on his horn."

More information about the Testlist mailing list