trust your corporation for keyowner identification?
Leo Gaspard
ekleog at gmail.com
Tue Nov 5 18:26:07 CET 2013
On Tue, Nov 05, 2013 at 12:40:11AM -0800, Paul R. Ramer wrote:
> I don't know how I can explain it any better than I have. I think you are confusing assertion with verification. Unless you can differentiate between the two in this case, I don't think you will see what I am talking about.
>
> [...]
>
> I guess all I can say is that one should have a key signing policy to let others know how he verifies keys.
>
> There. I said it all over again, just differently (and a whole lot more).
OK, I think I understood your point. (That is, assertion is not as strong as
verification.)
However, I think in this case (assuming there are no more UIDs on key 2 than on
key 1), assertions are sufficient, *because* there are two assertions, one in
each direction.
I mean:
* Owner of Key 1 says (s)he is owner of Key 2 (through a signed message saying
so)
* Owner of Key 2 says (s)he is owner of Key 1 (through signed UID on Key 2)
So, except in case of collusion between owners of Keys 1 and 2, I believe there
is no way one can be wrong in signing Key 2 (of course, if Key 1 is signed).
IIUC, your point is that verification would enable one to avoid collusion, as it
is the only flaw I can see in this verification scheme.
Except collusion cannot be avoided in any way, AFAIK.
If that is not your point, could you exhibit a scenario in which there is a
signed UID on Key 2, a signed statement from Key 1 owner saying he owns Key 2,
and Key 2 not being usable by Key 1 owner? (Of course, excepting collusion,
which as stated above cannot be avoided.)
Cheers,
Leo
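The two-way assertion scheme argued for above, modelled as an added example (not code from the thread or from GnuPG): Ed25519 keys stand in for OpenPGP keys, a SHA-256 of the public key stands in for the fingerprint, and the signed claim text is assumed to be "<my fp> owns <other fp>". The check accepts Key 2 only when both directions verify; a one-way claim or a claim signed by the wrong key is rejected, while collusion (both holders honestly signing) is, as the post says, indistinguishable from the genuine case.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Fingerprint is a stand-in for an OpenPGP fingerprint: SHA-256 of the raw public key.
func Fingerprint(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:])
}

// claimText is the canonical statement each side signs: "<my fp> owns <other fp>" (assumed format).
func claimText(mine, other ed25519.PublicKey) []byte {
	return []byte(Fingerprint(mine) + " owns " + Fingerprint(other))
}

// Claim signs the assertion that the holder of priv also controls the key "other".
func Claim(priv ed25519.PrivateKey, other ed25519.PublicKey) []byte {
	return ed25519.Sign(priv, claimText(priv.Public().(ed25519.PublicKey), other))
}

// MutuallyAsserted is the two-way check from the post: Key 2 is accepted as belonging
// to the (already verified) owner of Key 1 only if Key 1 signed a claim naming Key 2
// AND Key 2 signed a claim naming Key 1. One direction alone is rejected, because
// anyone can sign "I own <fp>" about a key they do not actually hold.
func MutuallyAsserted(pub1, pub2 ed25519.PublicKey, sig1, sig2 []byte) bool {
	return ed25519.Verify(pub1, claimText(pub1, pub2), sig1) &&
		ed25519.Verify(pub2, claimText(pub2, pub1), sig2)
}

func mustKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

func main() {
	pub1, priv1 := mustKey() // Key 1: assumed already signed and verified
	pub2, priv2 := mustKey() // Key 2: the key being vouched for
	pub3, _ := mustKey()     // an unrelated key whose holder never signed anything
	good := MutuallyAsserted(pub1, pub2, Claim(priv1, pub2), Claim(priv2, pub1))
	oneWay := MutuallyAsserted(pub1, pub3, Claim(priv1, pub3), Claim(priv2, pub1))
	fmt.Println("both directions:", good, " one direction only:", oneWay)
}
```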