Questions about generating keys

Robert J. Hansen rjh at sixdemonbag.org
Sat Aug 25 00:46:34 CEST 2007


Oskar L. wrote:
> My first guess would be that you are in one of your friends' address
> books, and your friend has spyware that got it.

This is not the case.  No one had it except me.

> If the amount of resources are so small that even combined they are 
> insignificant, then why not use both?

Because there is no such thing as an 'insignificant' amount of
resources.  Everything has a price associated with it.  The trick is to
get the most bang for your buck.

>> "User IDs do not provide any authentication", okay, that much is
>> true. If you want authentication, you're really looking for a
>> trusted signature on the user ID, fine.
> 
> You are confusing authenticity and trust.

Please read the manual.  I am not confusing the two.

Authentication of a user ID is provided by a trusted signature.  Period,
end of sentence.

> If you visit Bob and he gives you his fingerprint, and when you get
> home you see that it matches the one on his key, then the key is
> authenticated.

No.  You also have to trust that Bob isn't playing a game with you.

> If you now get Mary's key, with a signature from Bob,
> this does not make Mary's key authenticated!

Yes.  Like I said: you're really looking for a _trusted_ signature.
Clearly, in this case you do not trust Bob to make signatures that are
in accordance with your security policy.

> point is that even if Bob is your best friend and a security guru who
> has no cat, his signature is still not a 100% guarantee that the key
> really belongs to Mary. All the signature provides is various degrees

What world do you live in which offers total assurances of anything
other than the inevitability of death and taxes?

This is not a game of certainties.  Security is a game of probabilities.
Anyone who insists on absolutes needs to stop using computers.

> Traffic analysis will reveal what time you are active, and how much
> data you are transferring.

More importantly in the case you're describing, to whom.




More information about the Gnupg-users mailing list