Re: Keysigning without physically meeting ... thoughts?
On Wed, 1 Jun 2005 11:52:03 +0100
Andrew Suffield <asuffield@debian.org> wrote:
> On Tue, May 31, 2005 at 02:13:54PM -0600, Wesley J. Landaker wrote:
> > On Tuesday 31 May 2005 14:11, Andrew Suffield wrote:
> > > On Tue, May 31, 2005 at 09:03:12AM -0600, Wesley J. Landaker wrote:
[snip]
>
> A notary doesn't certify that the document you hand them is
> correct. All they certify is that you handed them this particular
> document on this particular date.
And how is it any more trustworthy that I look at you and your
possibly-fake government ID card, and say, "Yep, that looks like
your picture."
> > Regardless, how is this different from meeting someone in person?
>
> The difference would be the deterrent effect. Without it, there's
> absolutely no reason why anybody wouldn't generate throwaway
> identities at whim.
If someone is determined to pass himself off as someone else, I
don't see how eyeballing him serves as a deterrent. Minors do it
(use fake IDs in public) "all the time".
A web of trust is based on how well an already-trusted person can
determine whether a candidate is who he says he is. The point of
using (in the US, at least) a Notary Public, is that the NP is
presumed to be trustworthy (there's a background check, etc, etc).
So, why shouldn't the web of trust be extended to NPs, for the
task of "initial authentication"?
--
-----------------------------------------------------------------
Ron Johnson, Jr.
Jefferson, LA USA
PGP Key ID 8834C06B I prefer encrypted mail.
"Peace is that brief glorious moment in history when everybody
stands around reloading."
Unknown
Reply to: