Christian Perrier wrote:
> Funnily, its implementation of the process *also* makes it (the
> process) more secure and reliable, thanks to the wisdom of the clever
> people who developed it
Whether verifying that someone currently gets email at the address on
their key actually adds any meausurable benefit when signing is
debatable, has been debated multiple times before, and neither side was,
IIRC, argued fully convincingly before. Unless there's new information[2],
discussing it again would not be useful.
However, caff does something clever: It encodes a particular viewpoint
on the best way to do things on the signing side into a somewhat[1] easy
to use program, thus encouraging even people who are not convinced that
it is the best way, to do things that way. This thread has shown that it
somewhat hides the cost by pushing it onto the person who receives the
caff mails. I think there's a broader lesson in there about arguing
persuasively through code.
--
see shy jo, channelling aj
[1] Less easy in my experience when one has more than one active key (N) and
is signing others with more than one key (M), that each have more than one
email address (E), as the number of questions caff asks scales badly,
O(N * M * E). It should be possible to reduce that to O(N * M + E), or
just O(M + E) or, ideally, to just one single question.
[2] Such as eg, madduck's mention of keyserver-no-modify.
Attachment:
signature.asc
Description: Digital signature