[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Keysigning without physically meeting ... thoughts?

On Wed, 1 Jun 2005 11:52:03 +0100
Andrew Suffield <asuffield@debian.org> wrote:

> On Tue, May 31, 2005 at 02:13:54PM -0600, Wesley J. Landaker wrote:
> > On Tuesday 31 May 2005 14:11, Andrew Suffield wrote:
> > > On Tue, May 31, 2005 at 09:03:12AM -0600, Wesley J. Landaker wrote:
> A notary doesn't certify that the document you hand them is
> correct. All they certify is that you handed them this particular
> document on this particular date.

And how is it any more trustworthy that I look at you and your
possibly-fake government ID card, and say, "Yep, that looks like 
your picture."

> > Regardless, how is this different from meeting someone in person?
> The difference would be the deterrent effect. Without it, there's
> absolutely no reason why anybody wouldn't generate throwaway
> identities at whim.

If someone is determined to pass himself off as someone else, I 
don't see how eyeballing him serves as a deterrent.  Minors do it
(use fake IDs in public) "all the time".

A web of trust is based on how well an already-trusted person can
determine whether a candidate is who he says he is.  The point of
using (in the US, at least) a Notary Public, is that the NP is 
presumed to be trustworthy (there's a background check, etc, etc).

So, why shouldn't the web of trust be extended to NPs, for the 
task of "initial authentication"?

Ron Johnson, Jr.
Jefferson, LA  USA
PGP Key ID 8834C06B I prefer encrypted mail.

"Peace is that brief glorious moment in history when everybody
stands around reloading."

Reply to: