I think two related, but separate, issues are being conflated in this discussion. The first is the identity of the person you are talking to at a key signing event. This is, and always has been, the weakest point of the affair. It is reasonably trivial to forge reasonable-looking government documents, especially from a country whose document format you know most people are going to be unfamiliar with. I happen to have met Martin several times, and am at this point reasonably sure that the face I know as Martin is going to keep on calling himself Martin.

This isn't really the point of keysigning though, at least from my point of view. It is still possible for me to be reasonably sure Martin is Martin, and have no idea who controls the key he says is his. The important part of keysigning, from my point of view, is that the person who controls the private part of a gpg key is known, for some version of known. I am not really interested whether or not that person has a valid government ID, just that it is the same person from contact to contact (or upload to upload).

It seems to me that the only way to be reasonably sure that the person you met is the person who replies to an encrypted email is to use some sort of unique tokens exchanged at the event, and later verified by gpg encrypted email. Since we can't do anything like that in large keysigning parties (the time it would take is prohibitive, not to mention the necessary lack of secrecy in the exchange of tokens), I doubt we're approaching anything like real validation.

So, now that my ramble is done, I guess what I'm saying is that these events _by design_ are incapable of providing any real assurance about someone's identity, and they tell us even less about who controls the private key in question. I'm not sure if that makes them useless, or if they should just get a different trust level, or what.

Just my 2p,
-- 
 -----------------------------------------------------------------
|   ,''`.                                            Stephen Gran |
|  : :' :                                        sgran@debian.org |
|  `. `'                        Debian user, admin, and developer |
|    `-                                     http://www.debian.org |
 -----------------------------------------------------------------
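The token exchange described in the message above, as an added sketch that is not part of the original post: one token is handed over in person, a second nonce is mailed encrypted to the key, and a signature is only warranted when a reply signed by that same key returns both. The `Ledger` class, its method names, the 14-day window and the sample fingerprint are assumptions made for illustration; encryption and signature checking are assumed to be done with gpg outside this code.

```python
import hashlib
import hmac
import secrets
import time

TTL_SECONDS = 14 * 24 * 3600  # assumed window in which a reply is accepted

def _norm(fpr):
    return fpr.replace(" ", "").upper().encode()

def _digest(value):
    return hashlib.sha256(value.encode()).digest()

class Ledger:
    """Binds 'the person I met' to 'whoever can decrypt and sign with this key'."""
    def __init__(self, clock=time.time):
        self._clock = clock
        self._pending = {}  # fingerprint -> [event token hash, mail nonce hash, expiry]

    def meet(self, fpr):
        # At the event: token given face to face to the person claiming key fpr.
        token = secrets.token_hex(8)
        self._pending[_norm(fpr)] = [_digest(token), None, self._clock() + TTL_SECONDS]
        return token

    def challenge(self, fpr):
        # Afterwards: nonce to send in a mail encrypted to fpr (gpg, not shown).
        nonce = secrets.token_hex(16)
        self._pending[_norm(fpr)][1] = _digest(nonce)
        return nonce

    def verify(self, fpr, signer_fpr, event_token, mail_nonce):
        # signer_fpr is the key gpg reports as having signed the reply.
        key = _norm(fpr)
        entry = self._pending.get(key)
        if entry is None or entry[1] is None or self._clock() > entry[2]:
            return False
        ok = (hmac.compare_digest(_norm(signer_fpr), key)
              & hmac.compare_digest(_digest(event_token), entry[0])
              & hmac.compare_digest(_digest(mail_nonce), entry[1]))
        if ok:
            del self._pending[key]  # single use: a replayed reply is rejected
        return ok

if __name__ == "__main__":
    ledger = Ledger()
    fpr = "0123 4567 89AB CDEF 0123 4567 89AB CDEF 0123 4567"  # constructed sample
    t, n = ledger.meet(fpr), ledger.challenge(fpr)
    print(ledger.verify(fpr, fpr, t, n), ledger.verify(fpr, fpr, t, n))
```

Only token hashes are stored, so a leaked ledger does not reveal the values an attendee would need to return.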