How do you know someone is who they say they are?
Mon Mar 17 17:51:01 2003
Content-Type: text/plain; charset=us-ascii
On Mon, Mar 17, 2003 at 09:59:33AM -0500, Christopher Nehren wrote:
> Assume that foo creates a key pair and exports it to a keyserver. Assume
> also that bar, in an attempt to impersonate foo, creates a user on their
> system with identical GECOS information. How would I verify that bar's
> key is in fact forged, and further that foo isn't trying to impersonate
> bar, and so forth?
(When did you upload your key to pgp.mainframe.cx? It hasn't propagated
Government-issued photo IDs. See the keysigning page on my website
for some useful links.
Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it?
email@example.com | web: http://jharris.cjb.net/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (FreeBSD)
-----END PGP SIGNATURE-----