Robot CA at

Huels, Ralf SCORE
Thu Dec 5 12:27:02 2002

> I'm interested to hear opinions on this.  In particular, my 
> robot does not do a challenge/response the way it's usually
> assumed. It just signs the key and sends it to the address
> in the key ID.  I rely on delivery failure to eliminate the
> bad signatures.

Hmmm. Your robot appears to sign each UID separately and 
apparently it has just quietly declined to sign a test key 
with a non-self-signed UID that I submitted.
That takes care of the two problems that I thought such a system 
might have. Still, I would like the idea of encrypting the 
signed key material with the key itself before sending it back
so that even in case of some misdirection only the key owner
can publicize the certificate.
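
An added example, not part of the original post and not the robot's actual code: a sketch of the per-UID policy discussed in this message, assuming the robot works from `gpg --check-sigs --with-colons` output. The sample listing, the function name `plan_signing` and the `encrypt_to` field (which models the reply's suggestion) are assumptions.

```python
import re

# Constructed sample shaped like `gpg --check-sigs --with-colons` output (not
# real key material). Field 2 of a sig record is "!" when gpg verified it.
SAMPLE = """\
pub:-:1024:17:AAAA1111BBBB2222:1038000000:::-:::scESC:
uid:-::::1038000000::H1::Alice Example <alice@example.org>:
sig:!::17:AAAA1111BBBB2222:1038000000::::Alice Example <alice@example.org>:13x:
uid:-::::1038000500::H2::Alice Example <postmaster@example.net>:
sig:!::17:CCCC3333DDDD4444:1038000500::::Mallory <m@example.com>:10x:
uid:-::::1038000900::H3::Alice (no address):
sig:!::17:AAAA1111BBBB2222:1038000900::::Alice Example <alice@example.org>:13x:
"""

CERT_CLASSES = {"10", "11", "12", "13"}  # OpenPGP certification signature types
ADDR = re.compile(r"<([^<>@\s]+@[^<>@\s]+)>\s*$")

def plan_signing(colons_text):
    """Return (jobs, skipped): one signing job per self-signed UID with an address."""
    primary, uids = None, []
    for line in colons_text.splitlines():
        f = line.split(":")
        if f[0] == "pub":
            primary = f[4]                      # long key ID of the submitted key
        elif f[0] == "uid":
            uids.append({"uid": f[9].replace("\\x3a", ":"), "selfsigned": False})
        elif f[0] == "sig" and uids and len(f) > 10:
            # A self-signature is a verified certification made by the key itself.
            good = f[1].startswith("!")
            if good and f[4] == primary and f[10][:2] in CERT_CLASSES:
                uids[-1]["selfsigned"] = True
    jobs, skipped = [], []
    for u in uids:
        m = ADDR.search(u["uid"])
        if not u["selfsigned"]:
            skipped.append((u["uid"], "no valid self-signature"))
        elif not m:
            skipped.append((u["uid"], "no mail address to deliver to"))
        else:
            # One mail per UID, so a bounce discards only that UID's signature.
            # encrypt_to models the reply's suggestion: only the key owner can
            # decrypt, and therefore publish, the returned certificate.
            jobs.append({"sign_uid": u["uid"], "mail_to": m.group(1),
                         "encrypt_to": primary})
    return jobs, skipped
```
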