[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Red team attacks vs. cracking

On Tuesday 30 May 2006 10:40, Joe Smith wrote:
> But Martin decided to publish this experiment.
> Is this really a bad thing? He proved that KSP are bad for the web of
> trust. 

Isn't what Martin and this thread actually demonstrated is that signing keys 
based on IDs you cannot reasonably authenticate as real, with a focus on 
quantity instead of quality among KSP participants is the real problem at 

Even the guy at 7-Eleven has the big book of north american ID cards with 
pictures and descriptions of what makes a real one for when they encounter an 
ID that they've never seen before.  Surely Debian can do as well as the guy 
selling cigarettes and beer at the 7-Eleven when it comes to verification...

Paul Johnson
Email and IM (XMPP & Google Talk): baloo@ursine.ca
Jabber: Because it's time to move forward  http://ursine.ca/Ursine:Jabber

Attachment: pgp8mVIpk_hWl.pgp
Description: PGP signature

Reply to: