Re: GPG USAGE HOWTO 1 (was: Re: AM report on Thierry Bourrillon)

To: Peter Palfrader <weasel@debian.org>
Cc: debian-newmaint-admin@lists.debian.org
Subject: Re: GPG USAGE HOWTO 1 (was: Re: AM report on Thierry Bourrillon)
From: Ralf Treinen <treinen@club-internet.fr>
Date: Tue, 17 Apr 2001 09:50:06 +0200
Message-id: <[🔎] 20010417095006.A4788@club-internet.fr>
In-reply-to: <[🔎] 20010417092040.A18023@nautilus.noreply.org>; from weasel@debian.org on Tue, Apr 17, 2001 at 09:20:40AM +0200
References: <ocsi@irisz.hu> <[🔎] 200104170703.f3H734U14058@linda.lfix.co.uk> <[🔎] 20010417092040.A18023@nautilus.noreply.org>

On Tue, Apr 17, 2001 at 09:20:40AM +0200, Peter Palfrader wrote:

> You miss the point, imagine the following situation:
> 
> We meet, I show you my ID and give you the fingerprint.
> My key has two IDs:
> 	Peter Palfrader <weasel@debian.org>
> 	Peter Palfrader <sirpeter@gmx.net>
> 
> You sign both and send the key to my primary address or upload it to the
> keyserver.
> 
> Congratulations, you have just allowed me to impersonate Peter Palfrader
> <sirpeter@gmx.net>, who happens to be an all together different Peter
> Palfrader than me.

If I only signed the first one you enter the web of trust, and
hence can sign yourself the other one.

-Ralf.

Reply to:

Follow-Ups:
- Re: GPG USAGE HOWTO 1 (was: Re: AM report on Thierry Bourrillon)
  - From: Peter Palfrader <weasel@debian.org>

References:
- Re: GPG USAGE HOWTO 1 (was: Re: AM report on Thierry Bourrillon)
  - From: "Oliver Elphick" <olly@lfix.co.uk>
- Re: GPG USAGE HOWTO 1 (was: Re: AM report on Thierry Bourrillon)
  - From: Peter Palfrader <weasel@debian.org>

Prev by Date: Re: GPG USAGE HOWTO 1 (was: Re: AM report on Thierry Bourrillon)
Next by Date: Re: GPG USAGE HOWTO 1 (was: Re: AM report on Thierry Bourrillon)
Previous by thread: Re: GPG USAGE HOWTO 1 (was: Re: AM report on Thierry Bourrillon)
Next by thread: Re: GPG USAGE HOWTO 1 (was: Re: AM report on Thierry Bourrillon)
Index(es):
- Date
- Thread