>>"Samuel" == Samuel Tardieu <[EMAIL PROTECTED]> writes:
Samuel> It has an enormous flaw: you do not sign a key, you sign an
Samuel> id. That means that checking for one e-mail address for being
Samuel> valid and signing all the ids is just bogus. You may use this
Samuel> protocol, but you have to repeat each for every email
Samuel> address you are going to sign.
Actually, the real flaw seems to be that my email assumed that
the protocol was going to be used by people who had a modicum of
inductive reasoning. The outline mentions just one ID in the key
being verified and signed, and I assumed that anyone this concerned
about security would realize that the same needed to be done for evey
ID one needed to verify. Quite obviously I was mistaken in my
assumption.
John, could you please add the iteration over email ID's to
the protocol?
======================================================================
To Have Your Key Signed
4 ...
You may receive separate emails for each email ID in your key
To Sign Another Key
put 6, 7, and 8 in a loop:
For each address on the key; do:
6 ...
7 ...
8 ...
done
Double Key-Signing
Same as above, except 6,7,8, and 9 should be in the loop.
10. You may wish to independenty send email to each email ID on the
other persons key before signing that identity.
======================================================================
manoj
--
The sight of death frightens them [Earthers]. Kras the Klingon,
"Friday's Child", stardate 3497.2
Manoj Srivastava <[EMAIL PROTECTED]> <http://www.debian.org/%7Esrivasta/>
1024R/C7261095 print CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]