Re: GPG Key Signing
On Fri, 29 Jun 2001, Manoj Srivastava wrote:
> >>"Steve" == Steve Langasek <firstname.lastname@example.org> writes:
> >> Are you implying that ensuring the person whose identity you
> >> verified actually controls the email address and the secret pass
> >> phrase adds no value to the web of trust?
> Steve> Out of curiosity, under what circumstances do you foresee
> Steve> someone bringing a public key that has their name on it, and
> Steve> their photo ID, to a keysigning party, when they don't have
> Steve> the private key that matches it? I'm as puzzled
> Steve> as Robbe wrt the problem this tries to solve.
> A) I have had this experience (they just wanted a signature,
> but they were not very serious about pgp.
> B) Wrong question. If you only protect against something when
> you know of a attack, you are unnecesarily vulnerable.
The Web of Trust necessarily depends on participants acting out of enlightened
self-interest. IMHO, signing a public key of somebody who's already lost the
private key is much less of a concern than signing the key of someone so
incredibly bone-headed that they've posted their private key to Usenet; and
since I can never prove that the person who's key I'm signing isn't this
clueless, I don't see much value in protecting against the first case,
especially since both problems affect the value of *their* key, not the value
of mine or of the Web of Trust as a whole.
Indeed, it might be useful to have more of this second class of ignoramus
running around posting their signed private keys to Usenet; perhaps this way,
the PGP community will begin to seriously deal with the non-transitive nature
of trust on a large scale.
In any case, I do see value in proving the signee controls the email addresses
they're asking me to sign, and they need the private key in order to prove
that (well, ok, depending on your definition of 'control'), so I'll concede
that this keysigning protocol is still useful. :)