Virtual Keysignings

CL Gilbert
Fri Jun 6 16:01:02 2003

Hash: SHA1

Ben Finney wrote:
| On 05-Jun-2003, Adrian 'Dagurashibanipal' von Bidder wrote:
|>On Thursday 05 June 2003 16:33, Daniel Luebke wrote:
|>>What do you think of signing a person (or having a keysigning party)
|>>which is conducted through a video link?
|>In my opionion, it is not really a question of the medium you use. If
|>I know a person, I'd not hesitate to sign a key even only speaking on
|>the phone, or from a faxed request when I have enough circumstancial
|>evidence that it's the real person (is it somebody who would ask me to
|>sing his key, voice of course, handwriting, ...).
| That is exactly the issue though: Unless you trust the medium, you
| *cannot know* that the person at the other end is who you think they
| are.
| Meeting in person, you have only to be convinced that the person
| standing in front of you is who they say they are.  The medium, then, is
| merely the air between you and your own senses; you won't get a more
| trustworthy medium than that.
| Any additional medium placed between you must be trusted *in itself* to
| be uncompromised, quite separately from your trust for the person at the
| other end.  You may trust the medium of a video link has not been
| compromised.  But what about a phone line?  A recorded statement?  An
| email?  An instant message system?  A typewritten letter in the post?
| A combination -- a typewritten letter, faxed, then couriered to you?
| In all of these instances, before you can even begin to consider whether
| you trust the identity of the person at the other end, you must decide
| your trust for the medium -- and therefore of the people managing that
| medium, and everyone involved in getting the message to you.
| You can decide your own level of paranoia for these instances; but to
| claim "it is not really a question of the medium you use" is quite
| blinkered.
A personal meeting only puts a name with a face.  This only matters if
you require a "face" to conduct your business.  Most of the time we do
not.  Well it does do a 2nd thing, as you indicated.  It eliminates man
in the middle attacks.  These attacks are extremely hard anyway.
Especially since you can communicate pub keys through so many mediums;
email, newsgroup, webpage, IRC, etc.. Plus the attack requires both keys.

A certificate only certifies that a person stays the same from the time
you sign it.  It does not guarantee anything more than that.

- --

Carl L. Gilbert
Free Java interface to
"Then said I, Wisdom [is] better than strength: nevertheless the poor
man's wisdom [is] despised, and his words are not heard." Ecclesiastes 9:16
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla -