Virtual Keysignings
CL Gilbert
Lamont_Gilbert@RigidSoftware.com
Fri Jun 6 16:01:02 2003
Ben Finney wrote:
| On 05-Jun-2003, Adrian 'Dagurashibanipal' von Bidder wrote:
|
|>On Thursday 05 June 2003 16:33, Daniel Luebke wrote:
|>
|>>What do you think of signing a person (or having a keysigning party)
|>>which is conducted through a video link?
|>
|>In my opinion, it is not really a question of the medium you use. If
|>I know a person, I'd not hesitate to sign a key even only speaking on
|>the phone, or from a faxed request when I have enough circumstantial
|>evidence that it's the real person (is it somebody who would ask me to
|>sign his key, voice of course, handwriting, ...).
|
|
| That is exactly the issue though: Unless you trust the medium, you
| *cannot know* that the person at the other end is who you think they
| are.
|
| Meeting in person, you have only to be convinced that the person
| standing in front of you is who they say they are. The medium, then, is
| merely the air between you and your own senses; you won't get a more
| trustworthy medium than that.
|
| Any additional medium placed between you must be trusted *in itself* to
| be uncompromised, quite separately from your trust for the person at the
| other end. You may trust the medium of a video link has not been
| compromised. But what about a phone line? A recorded statement? An
| email? An instant message system? A typewritten letter in the post?
| A combination -- a typewritten letter, faxed, then couriered to you?
|
| In all of these instances, before you can even begin to consider whether
| you trust the identity of the person at the other end, you must decide
| your trust for the medium -- and therefore of the people managing that
| medium, and everyone involved in getting the message to you.
|
| You can decide your own level of paranoia for these instances; but to
| claim "it is not really a question of the medium you use" is quite
| blinkered.
|
A personal meeting only puts a name with a face. This only matters if
you require a "face" to conduct your business. Most of the time we do
not. Well, it does do a second thing, as you indicated. It eliminates
man-in-the-middle attacks. These attacks are extremely hard anyway,
especially since you can communicate pub keys through so many mediums:
email, newsgroup, webpage, IRC, etc. Plus the attack requires both keys.
A certificate only certifies that a person stays the same from the time
you sign it. It does not guarantee anything more than that.
--
L8r,
Carl L. Gilbert
Free Java interface to Freechess.org
http://www.rigidsoftware.com/Chess/chess.html
"Then said I, Wisdom [is] better than strength: nevertheless the poor
man's wisdom [is] despised, and his words are not heard." Ecclesiastes 9:16