[13572] in cryptography@c2.net mail archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

RE: Keyservers and Spam

daemon@ATHENA.MIT.EDU (Jill.Ramonsky@Aculab.com)
Wed Jun 11 10:42:52 2003

X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: Jill.Ramonsky@Aculab.com
To: cryptography@metzdowd.com
Date: Wed, 11 Jun 2003 09:19:55 +0100


> From: David Honig 
> Sent: Tuesday, June 10, 2003 11:53 PM
> Subject: RE: Keyservers and Spam
>
> You email your key to those who justify the request.  In plaintext,
> or on the phone.  What is the problem with that? 

The possibility of a MITM attack.

I observe that "confirmation" of the fingerprint by phone is worthless
unless the recipient is able to recognise my voice. In the case of a
stranger, that won't be the case.

Jill

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[13572] in cryptography@c2.net mail archive

RE: Keyservers and Spam

daemon@ATHENA.MIT.EDU (Jill.Ramonsky@Aculab.com)Wed Jun 11 10:42:52 2003

daemon@ATHENA.MIT.EDU (Jill.Ramonsky@Aculab.com)
Wed Jun 11 10:42:52 2003