On Fri, 29 Jun 2001, Manoj Srivastava wrote:

> >>"Steve" == Steve Langasek <[EMAIL PROTECTED]> writes:
>
> >> Are you implying that ensuring the person whose identity you
> >> verified actually controls the email address and the secret pass
> >> phrase adds no value to the web of trust?
>
> Steve> Out of curiosity, under what circumstances do you foresee
> Steve> someone bringing a public key that has their name on it, and
> Steve> their photo ID, to a keysigning party, when they don't have
> Steve> the private key that matches it? I'm as puzzled
> Steve> as Robbe wrt the problem this tries to solve.
>
> A) I have had this experience (they just wanted a signature,
> but they were not very serious about pgp).
>
> B) Wrong question. If you only protect against something when
> you know of an attack, you are unnecessarily vulnerable.

The Web of Trust necessarily depends on participants acting out of enlightened self-interest. IMHO, signing a public key of somebody who's already lost the private key is much less of a concern than signing the key of someone so incredibly bone-headed that they've posted their private key to Usenet; and since I can never prove that the person whose key I'm signing isn't this clueless, I don't see much value in protecting against the first case, especially since both problems affect the value of *their* key, not the value of mine or of the Web of Trust as a whole.

Indeed, it might be useful to have more of this second class of ignoramus running around posting their signed private keys to Usenet; perhaps this way, the PGP community will begin to seriously deal with the non-transitive nature of trust on a large scale.

In any case, I do see value in proving the signee controls the email addresses they're asking me to sign, and they need the private key in order to prove that (well, ok, depending on your definition of 'control'), so I'll concede that this keysigning protocol is still useful. :)

Steve Langasek
postmodern programmer
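The keysigning protocol the reply concedes is useful checks two things with one step: the signer encrypts a random token to the public key and mails it to the address on the user ID, so only someone who both reads that mailbox and holds the matching private key can send the token back. The following Go program is an added model of that exchange; it is not code from this mailing list or from any PGP tool. It stands in for OpenPGP with RSA-OAEP from the Go standard library, the address alice@example.org is a constructed sample, and the type and function names are assumptions chosen for illustration. The OAEP label binds each token to the user ID it was issued for, and a token is accepted at most once.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
)

// Challenge is what the signer would e-mail to one address (user ID) on the key.
type Challenge struct {
	UID        string
	Ciphertext []byte // random token encrypted to the key owner's public key
}

// Signer remembers the plaintext token per UID so it can check what comes back.
type Signer struct {
	pending map[string][]byte
}

func NewSigner() *Signer { return &Signer{pending: map[string][]byte{}} }

// Issue makes a fresh 32-byte token for one UID and encrypts it to pub.
// The UID is used as the OAEP label, so a token for one address cannot be
// presented as proof of control over a different address.
func (s *Signer) Issue(uid string, pub *rsa.PublicKey) (Challenge, error) {
	token := make([]byte, 32)
	if _, err := rand.Read(token); err != nil {
		return Challenge{}, err
	}
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, token, []byte(uid))
	if err != nil {
		return Challenge{}, err
	}
	s.pending[uid] = token
	return Challenge{UID: uid, Ciphertext: ct}, nil
}

// Verify takes the token that came back from the mailbox. true means the
// signer may sign this UID; the pending entry is consumed so a replay fails.
func (s *Signer) Verify(uid string, returned []byte) bool {
	want, ok := s.pending[uid]
	if !ok {
		return false
	}
	delete(s.pending, uid)
	return subtle.ConstantTimeCompare(want, returned) == 1
}

// Respond models the key owner: only the matching private key recovers the token.
func Respond(priv *rsa.PrivateKey, c Challenge) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, c.Ciphertext, []byte(c.UID))
}

// Demo runs the protocol for one UID and reports three outcomes:
// honest   - the key owner answered the challenge correctly,
// impostor - someone with the public key but not the private key was accepted,
// replay   - the same answer was accepted a second time.
func Demo() (honest, impostor, replay bool, err error) {
	owner, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return
	}
	other, err := rsa.GenerateKey(rand.Reader, 2048) // an unrelated key pair
	if err != nil {
		return
	}
	const uid = "alice@example.org" // constructed sample address

	s := NewSigner()
	c, err := s.Issue(uid, &owner.PublicKey)
	if err != nil {
		return
	}
	ans, err := Respond(owner, c)
	if err != nil {
		return
	}
	honest = s.Verify(uid, ans)
	replay = s.Verify(uid, ans) // second use of the same token must fail

	c2, err := s.Issue(uid, &owner.PublicKey)
	if err != nil {
		return
	}
	// The impostor brought the public key and photo ID but not the private key:
	// decryption fails, so there is no valid token to return.
	if bad, derr := Respond(other, c2); derr == nil {
		impostor = s.Verify(uid, bad)
	}
	return
}

func main() {
	honest, impostor, replay, err := Demo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("owner accepted=%v impostor accepted=%v replay accepted=%v\n", honest, impostor, replay)
}
```

In a real keysigning workflow the challenge would be sent per user ID, each to its own address, and the signature on that ID would only be released once the token for it came back, which is exactly the check the thread describes: the address and the private key are verified together.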

