Opportunistic Encryption [Was: Keys not trusted]
darren chamberlain
dlc@users.sourceforge.net
Thu May 15 19:15:02 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
* Mark H. Wood <mwood at IUPUI.Edu> [2003-05-15 08:46]:
> On Tue, 13 May 2003, Jason Harris wrote:
> > The WoT doesn't cease to exist for "anonymous" keys. In fact, it
> > becomes purer. If you don't have a trust path to an "anonymous"
> > key, you can't even put any trust into it based on a name or email
> > address that you might be willing to trust.
>
> I need a little help here. What, exactly, would an "anonymous" key
> *mean*? To what would a document signed by such a key be bound, and
> why would I care?
An anonymous key could be used to establish that multiple messages came
from the same user (or didn't). It would let you know that the person
you were corresponding with was the same person from message to message,
even though it won't tell you who that person is. It would (or could,
at least) prevent someone other than the owner of the key from claiming
to be that person in the future.
(darren)
- --
Every thought you think is contributing its share to the ultimate
result of your life.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQE+w8qgzsinjrVhZaoRAgzpAJ9Gp00rQfnBDfpeNGBivsiDYvevfgCdFkJY
6aqGKrlC44p3hrQwmTg0xmY=
=RTIk
-----END PGP SIGNATURE-----