[liberationtech] My design to implement PGP in commercial email system

[boyska]

On 29/07/2013 01:45, Percy Alpha wrote:
> key and plain public key to Google. Because Google doesn't know your
> password, Google cannot server you a fake secret key, even though you
> download your encrypted secret key from Google every time you login.

this is using encryption (your password) to provide verification. I
don't believe this is safe (even if I can't came up with a way to break it).

> When the users tries to send an email to another Gmail user B for the first
> time, B's public key will be downloaded from Google and signed by A. Any
> subsequent times when A tries to send email to B, A will not only download
> B's key from Google but also verifies the authenticity of B's key. This
> prevents MITM attack if Google is hacked or forced by law enforcement. (For
> advanced users, Google can present the option to manually verify the public
> key for the first email. )

but what if Gmail provides a fake key for B? Why should you
automatically trust that key?

Also, I miss the point of signatures: A signs B's key, but noone cares
about that signature in that scheme. Am I missing something?

I think that this scheme relies on trust on your email provider and on
https not being MITM-ed, which I think is not common between people that
want to use PGP.

-- 
boyska