[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [Debconf-discuss] Re: Please revoke your signatures from Martin Kraff's keys

I think two related, but seperate, issues are being conflated in this

The first is the identity of the person you are talking to at a key
signing event.  This is, and always has been, the weakest point of the
affair.  It is reasonably trivial to forge reasonable looking government
documents, especially from a country whose document format you know most
people are going to be unfamiliar with.

I happen to have met Martin several times, and am at this point reasonably
sure that the face I know as Martin is going to keep on calling himself
Martin.  This isn't really the point of keysigning though, at least
from my point of view.  It is still possible for me to be reaonably sure
Martin is Martin, and have no idea who controls the key he says is his.

The important part of keysigning, from my point of view, is that the
person who controls the private part of a gpg key is known, for some
version of known.  I am not really interested whether or not that person
has a valid government ID, just that it is the same person from contact
to contact (or upload to upload).

It seems to me that the only way to be reasonably sure that the person
you met is the person who replies to an encrypted email is to use
some sort of unique tokens exchanged at the event, and later verified
by gpg encrypted email.  Since we can't do anything like that in large
keysigning parties (the time it would take is prohibitive, not to mention
the necessary lack of secrecy in the exchange of tokens), I doubt we're
approaching anything like real validation.

So, now that my ramble is done, I guess what I'm saying is that these
events _by design_ are incapable of providing any real assurance about
someone's identity, and they tell us even less about who controls the
private key in question.  I'm not sure if that makes them useless, or if
they should just get a different trust level, or what.

Just my 2p,
|   ,''`.                                            Stephen Gran |
|  : :' :                                        sgran@debian.org |
|  `. `'                        Debian user, admin, and developer |
|    `-                                     http://www.debian.org |

Attachment: signature.asc
Description: Digital signature

Reply to: