[12847] in cryptography@c2.net mail archive
Re: Keysigning @ CFP2003
daemon@ATHENA.MIT.EDU (Jeroen van Gelderen)
Tue Mar 25 11:42:55 2003
X-Original-To: cryptography@wasabisystems.com
X-Original-To: cryptography@wasabisystems.com
Date: Tue, 25 Mar 2003 00:22:04 -0500
Cc: Ian Grigg <iang@systemics.com>,
"Douglas F. Calvert" <dfc@anize.org>,
<cryptography@wasabisystems.com>
To: bear <bear@sonic.net>
From: Jeroen van Gelderen <jeroen@vangelderen.org>
In-Reply-To: <Pine.LNX.4.40.0303241930250.16943-100000@bolt.sonic.net>
On Monday, Mar 24, 2003, at 22:32 US/Eastern, bear wrote:
> On Mon, 24 Mar 2003, Jeroen C. van Gelderen wrote:
>
>> It's rather efficient if you want to sign a large number of keys of
>> people you mostly do not know personally.
>
> Right, but remember that knowing people personally was supposed
> to be part of the point of vouching for their identity to others.
Not that I heard of. I always understood that I should be 'convinced'=20
of the identity and willing to state that to others.
Knowing someone personally is very nice and gives you rather a lot of=20
assurance that their identity is being used consistently and that=20
others know the person by the same identity. (It is for precisely that=20=
reason that I have signed a few keys for people who use an alias.)
Sometimes however you have the choice between a 'weaker' form of=20
certification and no certification at all. I prefer the former because=20=
it increases the chances of the WoT being useful. Key signing parties'=20=
reliance on passports are a case in point. In general passports are a=20
reasonable indication of identity.
> "I know this guy. We spent a couple years working on X together."
> is different in kind from "I met this guy once in my life, and he
> had a driver license that said his name was mike."
Yes. But PGP doesn't mandate either interpretation. That is what you=20
use your trust knobs for: you decide on a per-user basis how=20
trustworthy an identity certification from that user is. The redundancy=20=
of a well-connected WoT then helps you a bit in eliminating simple=20
errors.
Cheers,
Jeroen
--=20
Jeroen C. van Gelderen - jeroen@vangelderen.org
The python
has, and I fib no fibs,
318 pairs of ribs.
In stating this I place reliance
On a s=E9ance with one who died for science.
This figure is sworn to and attested;
He counted them while being digested.
-- Ogden Nash
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
