Keysigning challenge policies/procedures

Michael Kallas michael.kallas at web.de
Sun Jul 9 15:09:56 CEST 2006


Hi,

Alphax schrieb:
> Suppose you send an email to Address W and encrypt an "authentication
> token" to Key X. You recieve a reply from Address Y, containing the
> authentication token, which has been signed with Key Z.
> 
> This tells you that /someone/ with access to W has recieved a message;
> /someone/ with access to X has decrypted it; /someone/ with access to Z
> has signed a reply; and /someone/ with access to Y has sent a reply.
> 
> Keys X and Z may or may not be the same key or subkeys of the same
> primary key, addresses W and Y may or may not be the same, and Y may or
> may not have been faked (which is trivial).
Couldn't I check this by looking at the public keys they published at
key servers?

Best wishes
Michael

-- 
Nobody can save your freedom but YOU -
become a fellow of the FSF Europe! http://www.fsfe.org/en
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20060709/7ec64bb0/signature.pgp


More information about the Gnupg-users mailing list