Hi Paul -

There are several issues here, some of which relate to the mailer, some of which involve Microsoft's signing process, and some of which involve how the PGP product works. I'll do my best to explain what's happening, but if you have questions about using PGP, Network Associates is really the authoritative information source.

The signature status and the key validity are two different issues entirely. The signature status ("good" in your note below) means that the signature was successfully verified. This tells you that the email hasn't been tampered with in transit, and that the public key you used to verify it is the mate to the private key that was used to sign it. What this does *not* tell you is whether the key is actually the Microsoft key -- that's what the validity indicator tells you. In the case you cited below, the validity indicator ("invalid") means that PGP couldn't certify that the key actually is the Microsoft key. There's a fine shade of meaning here that's very important. "Invalid" doesn't mean that the key isn't the Microsoft key, only that PGP couldn't confirm that it's the Microsoft key.

PGP assesses the validity of a key by seeing whether anyone you trust has vouched for its authenticity by signing it. In this case, it says that the key is invalid because nobody you trust has signed it. As you noted, there are two signatures on the key. One is a self-signature; the other belongs to a group called MS-CERT. Because you don't have MS-CERT's key in your keyring, its signature on the key is meaningless -- it doesn't have any bearing on the key's validity one way or the other. We don't ask other parties to sign our key because there are over 150,000 subscribers to our notification service, and it's unlikely that there is a key (or even a reasonable set of keys) that is trusted by all of them. Instead, we provide a different way to validate that you've downloaded the bona fide Microsoft key.
You can download the key via an SSL session, and when downloading the key you can check the certificate to confirm that you're actually at the Microsoft web site. After downloading it, you can check the key's fingerprint against the one posted on the download page and confirm that they're the same. (BTW, you're right that the page on the mailer is currently returning an error. We're working to get it returned to service, but in the meantime an alternative URL is http://www.microsoft.com/technet/security/bulletin/notify.asp).

Because the validity assessment from PGP is based on whether someone you trust has signed the key, you can, if you like, make the key valid by signing it yourself. However, there's no requirement to do this -- PGP doesn't require that the key be shown as valid in order to use it to verify the signature. If you do decide to sign the key, you should only do so after confirming via one of the methods above that it really is the Microsoft key. Don't simply sign the key in order to make the error message go away.

You're right that the name on the signing key (secureat_private) is different from the address that sent the email (secnotifat_private). However, this has nothing to do with whether the signature can be verified, nor does it have anything to do with PGP's validity assessment. When verifying the signature, PGP selects the right key in your keyring based on the name associated with the signing key. The "from" address on the email doesn't play any part in verifying the signature. We use the secureat_private key to sign bulletin mailers in order to minimize the number of Microsoft keys customers have to have in their PGP keyrings. We need to have a key that customers can use to send us encrypted mail at secureat_private, and we also need one we can use to sign bulletin mailers. We concluded that we could avoid a certain amount of confusion by using the same key for both purposes.
As you noted, there have been a number of bogus bulletin mailers circulating lately, and it's a good idea to always confirm the signature on any mailer you receive. The signature verification on a mail could fail for any of a number of innocuous reasons -- the Notification Service's list server might flip a bit, the mail viewer on your local machine might reformat the mail when displaying it, etc. -- or it could be a bogus mailer sent by a malicious user. The signature verification process doesn't give you any way to know which is the case. Anytime the signature verification fails, the best course of action is to visit www.microsoft.com/technet/security and view the web-hosted version of the bulletin. The version on the web is always the authoritative version.

Hope that helps explain the situation. There's more information on this subject available at http://www.microsoft.com/technet/itsolutions/security/news/bogus.asp.

Regards,
Scott Culp
Security Program Manager
Microsoft Security Response Center

-----Original Message-----
From: Paul Murphy [mailto:Paul.Murphy@gemini-genomics.com]
Sent: Thursday, July 26, 2001 2:15 AM
To: bugtraqat_private
Subject: Re: Microsoft Security Bulletin MS01-040

As per MS01-038, this bulletin is signed with a PGP key which does not match the sender, and so does not verify. The key is for "secureat_private", while the sender is "secnotifat_private", and as a result PGP reports:

*** PGP Signature Status: good
*** Signer: Microsoft Security Response Center <secureat_private> (Invalid)
*** Signed: 26/07/2001 02:08:04
*** Verified: 26/07/2001 09:58:00

The reason why the signer is invalid is that their key is signed by an unknown signer (Key ID 0x63303caf). This turns out to be for "mscertat_private", and expired on 2/1/01. Is it too much to ask that they have their key signed by Verisign or some other well-known and trusted source, and that the keys in use are within their valid period?
Worse still, the advisory contains the following paragraph:

>To verify the digital signature on this bulletin, please download our
>PGP key at http://www.microsoft.com/technet/security/notify.asp.

This page does not exist - it should perhaps be http://www.microsoft.com/technet/security/bulletin/notify.asp

Having just had an incident where someone forged a MS advisory, I would think that getting this right is perhaps a higher priority than it would appear to Microsoft...

Best Wishes,
Paul.

-----------------------------------------------------------------------------
Paul Murphy - Head of I.T., Gemini Genomics
162 Science Park, Cambridge CB4 0GH
Tel. 01223 435305 Fax. 01223 435301
http://www.gemini-genomics.com/

_______________________________________________________________________
DISCLAIMER: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to which they are addressed. If you have received this email in error please contact the Gemini I.T helpdesk on : +44 (0) 1223 435333
_______________________________________________________________________
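The distinction Scott Culp draws above (signature status versus key validity, and a fingerprint check as the real tie to the vendor) is easy to get wrong when verification is automated. The following is an added example, not code from either participant or from Microsoft: it parses the machine-readable lines GnuPG emits with `--status-fd` (for instance `gpg --status-fd 1 --verify bulletin.txt.asc`) and keeps the three questions apart: did the signature verify, what validity did the keyring compute, and does the key's fingerprint match one pinned from the vendor's HTTPS download page. The status lines, the pinned fingerprint and the `secure@example.com` user ID are constructed placeholders (the thread's archive masks the real addresses); the `From:` header is deliberately not an input, because as the reply explains it plays no part in either check.

```python
"""Interpret GnuPG --status-fd output without conflating "signature good"
with "key authentic".  Added example; the sample status lines, pinned
fingerprint and e-mail address below are constructed placeholders."""
import re
from dataclasses import dataclass, field

# Fingerprint copied by hand from the vendor's HTTPS key-download page.
# HYPOTHETICAL value, not any real vendor's fingerprint.
PINNED_FINGERPRINTS = {
    "secure@example.com": "1234567890ABCDEF1234567890ABCDEF12345678",
}

STATUS_RE = re.compile(r"^\[GNUPG:\]\s+(\S+)(?:\s+(.*))?$")
EMAIL_RE = re.compile(r"<([^>]+)>")


@dataclass
class Verdict:
    signature_good: bool = False      # cryptographic check passed (GOODSIG/EXPKEYSIG)
    key_expired: bool = False         # EXPKEYSIG: good signature, but key has expired
    signer_uid: str = ""              # user ID on the signing key, as GnuPG reports it
    fingerprint: str = ""             # primary-key fingerprint from VALIDSIG
    keyring_trust: str = "unknown"    # web-of-trust validity from TRUST_* line
    problems: list = field(default_factory=list)


def parse_status(status_output: str) -> Verdict:
    """Reduce --status-fd output to a Verdict.  Tags we do not need are ignored."""
    v = Verdict()
    for raw in status_output.splitlines():
        m = STATUS_RE.match(raw.strip())
        if not m:
            continue
        tag, rest = m.group(1), (m.group(2) or "")
        args = rest.split()
        if tag in ("GOODSIG", "EXPKEYSIG"):
            v.signature_good = True
            v.key_expired = tag == "EXPKEYSIG"
            # GOODSIG <long key id> <user id>; keep everything after the key id
            v.signer_uid = rest.split(None, 1)[1] if len(args) > 1 else ""
        elif tag == "BADSIG":
            v.problems.append("signature does not match the message")
        elif tag == "ERRSIG":
            v.problems.append("signature could not be checked")
        elif tag == "NO_PUBKEY":
            v.problems.append("no public key %s in keyring" % args[0])
        elif tag == "VALIDSIG":
            # field 1 is the signing (sub)key fingerprint, field 10 the primary key's
            v.fingerprint = (args[9] if len(args) >= 10 else args[0]).upper()
        elif tag.startswith("TRUST_"):
            v.keyring_trust = tag[len("TRUST_"):].lower()
    return v


def classify(v: Verdict, pins=PINNED_FINGERPRINTS) -> str:
    """Return 'rejected', 'authentic' or 'unvalidated'.

    'unvalidated' is PGP's "Status: good ... (Invalid)" case from the thread:
    the message matches the key, but nothing ties the key to the vendor yet.
    """
    if not v.signature_good:
        return "rejected"          # read the web-hosted bulletin instead
    if v.key_expired:
        return "unvalidated"       # fetch a current key before relying on it
    m = EMAIL_RE.search(v.signer_uid)
    pinned = pins.get(m.group(1).lower()) if m else None
    if pinned and v.fingerprint == pinned.upper():
        return "authentic"         # good signature AND the fingerprint you pinned
    if v.keyring_trust in ("fully", "ultimate"):
        return "authentic"         # you signed the key after checking it yourself
    return "unvalidated"           # compare the fingerprint; do not just sign the key


# Constructed status output mirroring the thread: signature verifies, but
# nobody in the keyring vouches for the key.  Fingerprint matches the pin.
SAMPLE_GOOD_UNTRUSTED = """\
[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 0123456789ABCDEF Vendor Security Response Center <secure@example.com>
[GNUPG:] VALIDSIG 1234567890ABCDEF1234567890ABCDEF12345678 2001-07-26 996138484 0 4 0 17 2 01 1234567890ABCDEF1234567890ABCDEF12345678
[GNUPG:] TRUST_UNDEFINED 0 pgp
"""
# Same user ID on a different key: a bogus mailer signed by an impostor.
SAMPLE_IMPOSTOR = SAMPLE_GOOD_UNTRUSTED.replace(
    "1234567890ABCDEF1234567890ABCDEF12345678", "DEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEF")
# Signature does not match the text (tampering, or a mailer that reflowed it).
SAMPLE_BAD = "[GNUPG:] BADSIG 0123456789ABCDEF Vendor Security Response Center <secure@example.com>\n"
# Good signature from a key that has passed its expiry date.
SAMPLE_EXPIRED = SAMPLE_GOOD_UNTRUSTED.replace("GOODSIG", "EXPKEYSIG")

if __name__ == "__main__":
    for name, sample in [("good/untrusted", SAMPLE_GOOD_UNTRUSTED), ("impostor", SAMPLE_IMPOSTOR),
                         ("bad", SAMPLE_BAD), ("expired", SAMPLE_EXPIRED)]:
        print(name, "->", classify(parse_status(sample)))
```

Note that the "good/untrusted" sample only classifies as authentic because its fingerprint matches the pinned value; with the pin removed it would fall through to "unvalidated", which is exactly the state Paul reports and which the reply says is safe to resolve only by checking the fingerprint, never by signing the key to silence the warning.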
This archive was generated by hypermail 2b30 : Thu Jul 26 2001 - 22:34:46 PDT