The disadvantages of online KSP

Henk de Bruijn henkdebruijn at wanadoo.nl
Sun Dec 26 07:32:38 CET 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sat, 25 Dec 2004 15:33:42 -0500GMT (25-12-2004, 21:33 +0100, where
I live), David Shaw wrote:

> On Sat, Dec 25, 2004 at 08:44:45PM +0100, Ben Branders wrote:

...<snip>

>> But then again, you can never know for sure that someone is an
>> imposter or not. There are a lot of people who share exactly the
>> same name. Even if you check their identity in real life, one of
>> them can mislead you...

> Signing someone's key is you making a statement that you have checked
> that the key belongs to the person named in the user ID.  You really
> can't do that in a strong way without meeting physically.

> I would not sign someone's key under such circumstances.

Neither would I.

- --
Henk
______________________________________________________________________
The Bat!™ Natural Email System v3.0.1nl Professional on Windows XP SP2
PGPkey available at http://www.biglumber.com/x/web?qs=0x12069B93DBE6E678
Gossamer Spider Web of Trust GSWoT http://gswot.dyndns.org/
A Progressive and Innovative Web of Trust

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (MingW32) - GPGrelay v0.955

iD8DBQFBzlsNEgabk9vm5ngRAjL6AJ0Z4AowbODhoWp/3/Rt7L0TT0YsbACeIgXS
VUsb+B/e8ca1/X39Ldz3sNc=
=mZh0
-----END PGP SIGNATURE-----




More information about the Gnupg-users mailing list