Manoj Srivastava <srivasta@debian.org> writes:

> Are you implying that ensuring the person whose identity you
> verified actually controls the email address and the secret pass
> phrase adds no value to the web of trust?

Not to me (but obviously to you, so overall the web's value is increased, can't argue with that). I basically trust the person to not lie. An evil person could induce me to:

* send her messages that she could not decrypt (she lied to me about owning the key).
* send messages to a mail address that
  - bounces,
  - is never read,
  - belongs to another person, who can't decrypt it.

In all these scenarios, the maximum loss for me is the work I put into that mail (although I often keep copies, so it may not be entirely lost), and the gain to the attacker is zero.

> Robbe> [...] I'm not that interested in whether the e-mail is
> Robbe> signed by anybody besides the owner of the key.
>
> So a compromiser can just merrily add email addresses that
> never point to the owner, and the owner shall never know.

Re-read what I said: while I don't care about others signing additional ids, I consider ids not signed by the key highly dubious. Your compromiser can't add self-signed ids to a public key unless he holds the corresponding private key.

-- 
Robbe
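The check Robbe's last paragraph implies, written out as an added example (editor's code, not part of the original message): walk GnuPG's machine-readable `--with-colons` listing of a key and report every user ID that carries no self-signature, i.e. no certification signature (class 0x10-0x13) issued by the key's own primary key ID. The key IDs, names and addresses in the sample listing are constructed for the example; on a real key you would pipe `gpg --with-colons --check-sigs KEYID` into the same function, using `--check-sigs` rather than `--list-sigs` so that field 2 of each `sig` record reports whether the signature actually verified.

```shell
#!/bin/sh
# Report user IDs on an OpenPGP key that lack a valid self-signature.
# Reads gpg --with-colons output on stdin, prints one offending UID per line.
#
# Colon-format fields used here (see gpg's doc/DETAILS):
#   pub/sub: field 5 = key ID
#   uid:     field 10 = user ID string
#   sig:     field 2 = verification status ("!" good, "-" bad, "?" unknown,
#                      empty when produced by --list-sigs, which does not verify),
#            field 5 = signer key ID, field 11 = class, e.g. "13x"
uids_without_selfsig() {
    awk -F: '
        function flush() { if (uid != "" && !selfsig) print uid }
        # a new primary key: remember its ID, no UID is current yet
        $1 == "pub" { flush(); primary = $5; uid = ""; selfsig = 0 }
        # subkey records end the current UID; their sigs are binding sigs, not UID certs
        $1 == "sub" || $1 == "ssb" { flush(); uid = ""; selfsig = 0 }
        # a UID starts a new scope; assume no self-sig until one is seen
        $1 == "uid" { flush(); uid = $10; selfsig = 0 }
        # a certification (0x10..0x13, exportable "x" or local "l") by the primary key
        # counts only if unverified (--list-sigs) or verified good ("!")
        $1 == "sig" && uid != "" && $5 == primary \
            && $11 ~ /^1[0-3][xl]$/ && ($2 == "" || $2 == "!") { selfsig = 1 }
        END { flush() }
    '
}

# Constructed sample listing (not real keys): the first UID is self-signed and
# also certified by a third party; the second UID carries only the third-party
# certification, which is exactly the "dubious" case; the subkey has its own
# binding signature (class 0x18) from the primary key, which must not count.
SAMPLE='pub:u:4096:1:0123456789ABCDEF:1600000000::u:::scESC::::::23::0:
uid:u::::1600000000::0000000000000000000000000000000000000000::Alice <alice@example.org>::::::::::0:
sig:::1:0123456789ABCDEF:1600000000::::Alice <alice@example.org>:13x:::::::::
sig:::1:FEDCBA9876543210:1600000000::::Bob <bob@example.org>:10x:::::::::
uid:u::::1600000000::1111111111111111111111111111111111111111::Alice <alice@work.example>::::::::::0:
sig:::1:FEDCBA9876543210:1600000000::::Bob <bob@example.org>:10x:::::::::
sub:u:4096:1:1122334455667788:1600000000::::::e::::::23:
sig:::1:0123456789ABCDEF:1600000000::::Alice <alice@example.org>:18x:::::::::'

# Stand-alone run over the sample; for a real key use:
#   gpg --with-colons --check-sigs "$KEYID" | uids_without_selfsig
printf '%s\n' "$SAMPLE" | uids_without_selfsig
```

Running this over the sample prints only `Alice <alice@work.example>`. Note that a self-signature proves possession of the private key at signing time, nothing more: it says the key holder added that UID, not that the address in it is deliverable or read by that person, which is the residual risk the message above describes.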