[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] new keyserver online

From: C.J. Adams-Collier KF7BMP
Subject: Re: [Sks-devel] new keyserver online
Date: Sun, 22 Aug 2010 12:22:37 -0700

If your key is in my database prior to you requesting peerage (it was), it indicates to me that it was not generated strictly for the purpose of this communication.

If your identity ever comes in to question, I can remove you from the membership list until such time as I can request a trusted third party audit your operations.

On Sun, 2010-08-22 at 21:10 +0200, Christoph Anton Mitterer wrote:
On Sun, 2010-08-22 at 07:43 -0700, C.J. Adams-Collier KF7BMP wrote:
> Generating a signed message is as simple as this:
Yes,... but it gives you _no proof at all_ .

Even if _I_ would sign this. Anybody in between us two can simply catch
that message (and yours), take another key, and do the same signing.
You'd never notice that.
Therefore, one needs personal meetings in order to do keysigning.

See wikipedia for man-in-the-middle-attacks.


Attachment: signature.asc
Description: This is a digitally signed message part

reply via email to

[Prev in Thread] Current Thread [Next in Thread]