How do you know someone is who they say they are?
Jason Harris
jharris@widomaker.com
Mon Mar 17 17:51:01 2003
--WIyZ46R2i8wDzkSu
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Mon, Mar 17, 2003 at 09:59:33AM -0500, Christopher Nehren wrote:
> Assume that foo creates a key pair and exports it to a keyserver. Assume
> also that bar, in an attempt to impersonate foo, creates a user on their
> system with identical GECOS information. How would I verify that bar's
> key is in fact forged, and further that foo isn't trying to impersonate
> bar, and so forth?
(When did you upload your key to pgp.mainframe.cx? It hasn't propagated
yet...)
Government-issued photo IDs. See the keysigning page on my website
for some useful links.
--=20
Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it?
jharris@widomaker.com | web: http://jharris.cjb.net/
--WIyZ46R2i8wDzkSu
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (FreeBSD)
iD8DBQE+df0xSypIl9OdoOMRAuPIAJ93GqGXl5K6cexwjSLG1vVWwZYBqACgrwOD
rIBRfhbzUw8/z9tsZh27OzE=
=Dgy0
-----END PGP SIGNATURE-----
--WIyZ46R2i8wDzkSu--