The disadvantages of online KSP

Atom 'Smasher' atom at suspicious.org
Sun Dec 26 05:27:13 CET 2004


On Sat, 25 Dec 2004, Ben Branders wrote:

> Or am I missing something here?
> And has online KSP other disadvantages?
======================

where's the party? that's just a key-signing.

if you can't do any in-person identity checking, it's not much different 
than just sending an email to anyone with a key and signing it if they 
respond.

i at least hope that no one would sign one of these keys with anything 
other than a level 0-1 signature, but certainly people will sign with 
other levels.

really, this is terribly insecure... someone (other than the real ben 
branders) could register ben_branders at hotmail (or something) and collect 
signatures on it? that's just asking for trouble. if i know that someone 
participated in such insecure and irresponsible key signing practices i 
would have to NOT trust any signatures made with their key:
 	gpg --edit-key 0x12345678
 	trust
 	2 - I do NOT trust


-- 
         ...atom

  _________________________________________
  PGP key - http://atom.smasher.org/pgp.txt
  762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
  -------------------------------------------------

 	"A farmer's duty, is protecting the earth, maintaining
 	 it's fertility, and maintaining the fertility of seed.
 	 That is part of being a farmer. A farmer is not a
 	 low-paid tractor driver, that's a modern definition of
 	 what a farmer is. The real definition of a farmer is a
 	 person who relates to the land and relates to the seed
 	 and keeps it for future generations, keeps renewing
 	 it, fertility."
 		-- Dr. Vandana Shiva





More information about the Gnupg-users mailing list