gabriel rosenkoetter on Thu, 18 Apr 2002 14:25:54 -0400
On Thu, Apr 18, 2002 at 01:53:58PM -0400, Michael Leone wrote:
> No, actually, it isn't absolutely sure, not for real identities,
> anyway.
>
> Consider - any schmuck can make a gpg key with "Mike Leone" on it.
> Said schmuck can also (probably easily) get a fake ID with the name
> "Mike Leone" on it - I never bought a fake ID, but they can't be
> IMPOSSIBLE to find ...
>
> Said schmuck sends Darxus fingerprint. Shows up at keysigning with
> fake ID. Shows it around, and reads fingerprint. You go home, and
> sign schmuck's key, having been perfectly satisfied.
>
> But it ain't me.

That doesn't matter. The "name" field on PGP keys is pretty
irrelevant, really, and this whole using ID routine is actually kind
of inappropriate. We should all be doing the send-a-passphrase
routine.

The actual important information is whether or not someone who
claims they own a particular key has the passphrase for the private
version of that key. If they can decrypt (and repeat) a passphrase
sent to the email address (or addresses) attached to the key, then
they're the person at the other end of the wire.

(This is why Darxus's lacking an ID that says Darxus doesn't really
matter that much. Photo IDs don't prove much; access to the
passphrase does.)

> That might be stretching a point, but all the keysigning does is show
> that the keyholder has verified to you that he is the keyholder. Not
> that he says he is who he claims to be.

Depends on your definition of "who he claims to be". I only mean "is
the same person on the other end of the wire claiming to be that
person." I don't care if you claim your name is Daffy Duck, as long
as you do it consistently and use the same key, you're the same
Daffy Duck I've dealt with before, and that's what actually matters.

> Unless you wanna do a DNA test at every keysigning ... :-)

Again, DNA has nothing to do with the passphrase for a given private
key.

> The paranoia I'm referring to is thinking that the above scenario is
> being enacted on you. While it's possible, it's not too likely.

... and my point is still that "it's not too likely" is fuzzy, while
"it is" or "it isn't" is made easily verifiable by doing the PGP key
signing the right way. If you can deal in definites, why would you
want to be vague?

-- 
gabriel rosenkoetter
gr@eclipsed.net

Attachment: pgpbOi0QZqaOb.pgp
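An added illustration of the send-a-passphrase routine described in the message above (not part of the original post and not its author's code): one random challenge per address on the key, encrypted to that key, and only the addresses that repeat their challenge back count as verified. It assumes GnuPG 2.x colon-format listings; the sample key, the addresses and all function names are constructed for the example.

```python
import hmac, re, secrets, subprocess

# Constructed sample of `gpg --with-colons --fingerprint --list-keys`
# output (GnuPG 2.x layout); fingerprints and addresses are made up.
SAMPLE_LISTING = """\
pub:-:4096:1:89ABCDEFAAAABBBB:1019000000:::-:::scESC::::::23::0:
fpr:::::::::0123456789ABCDEF0123456789ABCDEFAAAABBBB:
uid:-::::1019000000::HASH1::Daffy Duck <daffy@example.org>::::::::::0:
uid:-::::1019000000::HASH2::Daffy Duck <dduck@example.net>::::::::::0:
sub:-:4096:1:1111222233334444:1019000000::::::e::::::23:
fpr:::::::::FEDCBA9876543210FEDCBA9876543210FEDCBA98:
"""

def parse_listing(text):
    """Return (primary key fingerprint, [email address of each user ID])."""
    fpr, emails, last = None, [], None
    for line in text.splitlines():
        f = line.split(":")
        if len(f) < 10:
            continue
        if f[0] in ("pub", "sub"):
            last = f[0]                      # remember whose fpr record follows
        elif f[0] == "fpr" and last == "pub" and fpr is None:
            fpr = f[9]                       # field 10 carries the fingerprint
        elif f[0] == "uid":
            m = re.search(r"<([^>]+)>", f[9])
            if m:
                emails.append(m.group(1).lower())
    return fpr, emails

def make_challenges(emails):
    """One independent random challenge per address attached to the key."""
    return {email: secrets.token_urlsafe(16) for email in emails}

def encrypt_challenge(fpr, nonce):
    """Encrypt a challenge to the key under test (needs gpg and the imported key).
    --trust-model always: the key is not validated yet, which is the point."""
    cmd = ["gpg", "--batch", "--armor", "--trust-model", "always",
           "--encrypt", "--recipient", fpr]
    return subprocess.run(cmd, input=nonce, text=True,
                          capture_output=True, check=True).stdout

def verified_uids(challenges, replies):
    """Addresses whose reply repeats exactly the challenge mailed to them."""
    ok = []
    for email, nonce in challenges.items():
        reply = replies.get(email, "").strip()
        if hmac.compare_digest(nonce.encode(), reply.encode()):
            ok.append(email)
    return sorted(ok)
```

Sign only the user IDs returned by verified_uids; an address that never answered its challenge has not been shown to reach the holder of the private key.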