On 05/05/2009 05:14 PM, Micah Anderson wrote:
> You don't need to print out all of that, just the part that contains the
> fingerprint is sufficient:
>
> pub   1024D/C671257D 2004-12-27 [expires: 2014-12-25]
>       Key fingerprint = 6EF6 C284 C95D 78F6 0B78 FFD3 981C 5FD7 C671 257D

I think it actually is useful to include the User ID (at least the
human's full name) in the printout. This is because the actual signing
is going to happen significantly later than the exchange of information.

Say i want to take over your identity, Micah. I start by making a new
key, and i put your name on it. Next, i bring its fingerprint to the
keysigning party. At the party, i show people my own ID, and they verify
that i'm dkg, and take the unadorned fingerprint. They also know that
you're there, and take home your unadorned fingerprint.

Then, the next day, after the hangover has worn off, they sit down to
process the slips. Each one that comes up matches someone who they met
the previous evening, but now i've got signatures on the fake key, even
though i never presented "Micah Anderson" credentials.

This is extra-bad if people just upload their signatures to the public
keyservers instead of using caff (or something similar) because i could
have included <micah@riseup.net> in the UID on my bogus key. If people
use caff, then i'll only be able to ever retrieve signatures on my own
key that were sent to an e-mail address that i can actually read.
(there are sneaky ways around this too if people aren't careful, i
think, but i'm already digressing too much).

Simply including your full name (and ideally all desired e-mail
addresses) on the printout along with the fingerprint will help prevent
this kind of a compromise of the web of trust, because people making
certifications days later will have an explicit binding between the two
(key+uid) on paper in front of them.

>> After you have confirmed the other person's identity matching the
>> key's fingerprint, you will keep his/her piece of paper and proceed to
>> the next person. When you are back home, you will sign the keys for
>> all the pieces of paper you have in your pocket.

To be extra-careful, you'll probably want to initial or otherwise
reliably mark the slip of paper upon which are the verified credentials
and fingerprint. That way, no one can slip an additional piece of paper
in your pocket during the evening and trick you into signing it later.
Only cryptographically certify the pieces of paper you have in your
pocket which you know that you explicitly verified in person!

Nit-pickingly yours,

--dkg
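The check dkg is arguing for, written out as an added example (this is not code from the thread, from caff, or from GnuPG): a slip carries name, e-mail address(es) and fingerprint; before certifying anything, the fingerprint on the slip must select exactly one key from a `gpg --with-colons --fingerprint` listing, and only the UIDs whose name and e-mail are both on the slip get certified. The sample listing below is constructed by hand; the first key reuses the fingerprint and UID quoted above, while the second key plays the impostor from dkg's scenario (same name, same e-mail, different fingerprint) and has a made-up fingerprint and key ID. The `micah@example.org` UID is likewise constructed, to show that a UID not listed on the slip is left alone even on the genuine key.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass
class Slip:
    """What a keysigning slip should carry: full name, e-mail(s), fingerprint."""
    name: str
    emails: List[str]
    fingerprint: str  # 40 hex digits, whitespace-grouped as on the printout


@dataclass
class Key:
    keyid: str
    fingerprint: str = ""
    uids: List[str] = field(default_factory=list)


def normalize_fpr(fpr: str) -> str:
    """Drop the display grouping so fingerprints compare digit for digit."""
    return re.sub(r"\s+", "", fpr).upper()


def parse_colons(text: str) -> List[Key]:
    """Parse `gpg --with-colons --fingerprint` output into Key records.

    Only the first fpr record after each pub (the primary key fingerprint)
    is kept; subkey fpr records are skipped.
    """
    keys: List[Key] = []
    cur: Optional[Key] = None
    for line in text.splitlines():
        f = line.split(":")
        if f[0] == "pub":
            cur = Key(keyid=f[4])          # field 5 is the key ID
            keys.append(cur)
        elif f[0] == "fpr" and cur is not None and not cur.fingerprint:
            cur.fingerprint = f[9]         # field 10 is the fingerprint
        elif f[0] == "uid" and cur is not None:
            cur.uids.append(f[9])          # field 10 is the user ID string
    return keys


# "Name (comment) <email>", the conventional OpenPGP user ID layout.
UID_RE = re.compile(r"^(?P<name>[^<(]*?)\s*(?:\([^)]*\))?\s*(?:<(?P<email>[^>]*)>)?\s*$")


def select_key(slip: Slip, keys: List[Key]) -> Optional[Key]:
    """The single key whose primary fingerprint is the one on the slip, else None."""
    want = normalize_fpr(slip.fingerprint)
    hits = [k for k in keys if normalize_fpr(k.fingerprint) == want]
    return hits[0] if len(hits) == 1 else None


def uids_to_certify(slip: Slip, key: Key) -> List[str]:
    """UIDs of `key` the slip explicitly vouches for: fingerprint, name and
    e-mail must all match what was verified in person."""
    if normalize_fpr(key.fingerprint) != normalize_fpr(slip.fingerprint):
        raise ValueError(f"fingerprint mismatch: slip {slip.fingerprint!r}, "
                         f"key {key.fingerprint!r}")
    allowed = {e.lower() for e in slip.emails}
    chosen = []
    for uid in key.uids:
        m = UID_RE.match(uid)
        if m is None:
            continue
        name = m.group("name").strip()
        email = (m.group("email") or "").lower()
        if name == slip.name and email in allowed:
            chosen.append(uid)
    return chosen


# Constructed sample listing (hash-of-UID fields left blank).  Key 1 is the
# key quoted in the thread; key 2 is the impostor: same name and e-mail in
# the UID, but a made-up key ID and fingerprint that is NOT on the slip.
SAMPLE_LISTING = """\
pub:u:1024:17:981C5FD7C671257D:2004-12-27:2014-12-25::u:::scESC::::::
fpr:::::::::6EF6C284C95D78F60B78FFD3981C5FD7C671257D:
uid:u::::2004-12-27::::Micah Anderson <micah@riseup.net>::::::::::0:
uid:u::::2004-12-27::::Micah Anderson <micah@example.org>::::::::::0:
sub:u:2048:16:0123456789ABCDEF:2004-12-27:2014-12-25:::::e::::::
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
pub:-:2048:17:FEDCBA9876543210:2009-05-05::::::scESC::::::
fpr:::::::::FEDCBA9876543210FEDCBA9876543210FEDCBA98:
uid:-::::2009-05-05::::Micah Anderson <micah@riseup.net>::::::::::0:
"""

# The slip as it would have been printed and initialled at the party.
EXAMPLE_SLIP = Slip(name="Micah Anderson", emails=["micah@riseup.net"],
                    fingerprint="6EF6 C284 C95D 78F6 0B78 FFD3 981C 5FD7 C671 257D")

if __name__ == "__main__":
    keys = parse_colons(SAMPLE_LISTING)
    key = select_key(EXAMPLE_SLIP, keys)
    print("key selected by slip:", key.keyid)
    print("UIDs to certify:", uids_to_certify(EXAMPLE_SLIP, key))
    for k in keys:
        if k is not key:
            print("not certifying", k.keyid, "- its fingerprint is not on the slip")
```

The per-UID selection mirrors what caff does by mailing each certification only to the address in that UID: a UID is certified only where both the name and the e-mail were verified, so the impostor key collects nothing even though its UID string is identical to the genuine one.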
_______________________________________________
DebianNYC mailing list
DebianNYC@vireo.org
http://lists.vireo.org/cgi-bin/mailman/listinfo/debiannyc