turgon on Thu, 18 Apr 2002 14:58:17 -0400


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] key-signing Thursday?


> person." I don't care if you claim your name is Daffy Duck, as long as
> you do it consistently and use the same key, you're the same
> Daffy Duck I've dealt with before, and that's what actually matters.

Depends on what you define your purposes to be, don't you think? If you're
transferring legal docs (for example), it might become an issue.

> ... and my point is still that "it's not too likely" is fuzzy, while
> "it is" or "it isn't" is made easily verifiable by doing the PGP key
> signing the right way. If you can deal in definites, why would you want
> to be vague?

Actually, I agree with you. Just figured I'd try arguing from the other
side, to see if I could come up with something I had not considered, or had
not appropriately prioritized, before.

See, you (and usually I) define the other's identity as "you're the same
Daffy Duck I've dealt with before, and that's what actually matters".
However, not everyone does. They mean as my example pointed out - out here
in the real world, where the bad guys are. <G>

F'r instance, I trust that you are actually Gabe, based on meeting you;
repeated interchanges here; etc. Hell, for all I know, you could be A.
Hitler the 3rd. :-)




______________________________________________________________________
Philadelphia Linux Users Group       -      http://www.phillylinux.org
Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce
General Discussion  -  http://lists.phillylinux.org/mail/listinfo/plug