Robot CA at

David Shaw
Tue Dec 10 03:43:01 2002

On Sun, Dec 08, 2002 at 09:55:30PM -0600, Richard Laager wrote:
> David Shaw wrote:

> > In any event, I don't really follow your logic here - because the
> > system is already vulnerable to subversion we don't have to care
> > about putting poor data in?  Surely not.
>
> Poor data? I don't really see the difference between having a human
> verify my e-mail address and sign my key, and having a robot verify
> my e-mail address and sign my key.

"poor data" being the weak signatures in the first place, not the
source of the signatures.  I understand (and mostly agree) with the
statement that there is a need for weak signatures, and GnuPG should
provide some mechanism for dealing with that.  If/when that feature is
added, then there will be a way to specify such relationships.

But - we live in a wider world, and GnuPG is only one of several
OpenPGP implementations.  People who use this feature will have to
understand that the signature will, more often than not, NOT mean what
they think it means.  PGP will treat this signature as strong, as will
all earlier versions of GnuPG, as will any of the other OpenPGP
implementations out there.

A "power user" feature, sure, but I wish I had a way to wave bright
red flags in someone's face before they do this to make sure they
understand that it almost certainly isn't going to do what they think
it will.


   David Shaw
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson