trust your corporation for keyowner identification?

Leo Gaspard ekleog at gmail.com
Tue Nov 5 18:26:07 CET 2013


On Tue, Nov 05, 2013 at 12:40:11AM -0800, Paul R. Ramer wrote:
> I don't know how I can explain it any better than I have. I think you are confusing assertion with verification.  Unless you can differentiate between the two in this case, I don't think you will see what I am talking about.
> 
> [...]
> 
> I guess all I can say is that one should have a key signing policy to let others know how he verifies keys.
> 
> There. I said it all over again, just differently (and a whole lot more).

OK, I think I understood your point. (That is, assertion is not as strong as
verification.)

However, I think in this case (assuming there are no more UID on key 2 than on
key 1), assertions are sufficient, *because* there are two assertions, one in
both ways.

I mean :
 * Owner of Key 1 says (s)he is owner of Key 2 (through signed message saying
   you so)
 * Owner of Key 2 says (s)he is owner of Key 1 (through signed UID on Key 2)

So, except in case of collusion between owners of Keys 1 and 2, I believe there
is no way one can be wrong in signing Key 2 (of course, if Key 1 is signed).

IIUC, your point is that verification would enable one to avoid collusion, as it
is the only flaw I can see in this verification scheme.
Except collusion can not be avoided in any way, AFAIK.

If that is not your point, could you exhibit a scenario in which there is a
signed UID on Key 2, a signed statement from Key 1 owner saying he owns Key 2,
and Key 2 not being usable by Key 1 owner ? (Of course, excepting collusion,
which as stated above can not be avoided.)

Cheers,

Leo



More information about the Gnupg-users mailing list