>>"Samuel" == Samuel Tardieu <[EMAIL PROTECTED]> writes:
Samuel> It has an enormous flaw: you do not sign a key, you sign an
Samuel> id. That means that checking for one e-mail address for being
Samuel> valid and signing all the ids is just bogus. You may use this
Samuel> protocol, but you have to repeat each for every email
Samuel> address you are going to sign.

Actually, the real flaw seems to be that my email assumed that the protocol was going to be used by people who had a modicum of inductive reasoning. The outline mentions just one ID in the key being verified and signed, and I assumed that anyone this concerned about security would realize that the same needed to be done for every ID one needed to verify. Quite obviously I was mistaken in my assumption.

John, could you please add the iteration over email IDs to the protocol?

======================================================================
To Have Your Key Signed

4 ... You may receive separate emails for each email ID in your key

To Sign Another Key

put 6, 7, and 8 in a loop:

For each address on the key; do:
  6 ...
  7 ...
  8 ...
done

Double Key-Signing

Same as above, except 6,7,8, and 9 should be in the loop.

10. You may wish to independently send email to each email ID on the other person's key before signing that identity.
======================================================================

manoj
--
The sight of death frightens them [Earthers]. Kras the Klingon, "Friday's Child", stardate 3497.2
Manoj Srivastava <[EMAIL PROTECTED]> <http://www.debian.org/%7Esrivasta/>
1024R/C7261095 print CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
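Added example (not part of the original message or of the protocol text): the per-ID loop requested above, sketched in Python. Steps 6-8 are elided in the message, so a random per-ID challenge stands in for them as an assumption; the key listing is constructed sample data in gpg's `--with-colons` format, and `list_uids` and `SigningSession` are hypothetical names.

```python
import secrets

# Constructed sample of `gpg --with-colons --list-keys` output (not a real key).
SAMPLE = """\
pub:-:1024:17:0000000000000001:1000000000:::-:::scESC:
uid:-::::1000000000::AAAA::Alice Example <alice@example.org>:
uid:-::::1000000001::BBBB::Alice Example <alice@work.example>:
uid:r::::1000000002::CCCC::Alice Example <old@example.net>:
sub:-:1024:16:0000000000000002:1000000000::::::e:
"""

def list_uids(colon_listing):
    """Return user IDs from uid records, skipping revoked ('r') ones."""
    uids = []
    for line in colon_listing.splitlines():
        f = line.split(":")
        # Field 1 is the record type, field 2 the validity, field 10 the user ID.
        if f[0] == "uid" and len(f) > 9 and f[1] != "r":
            uids.append(f[9].replace("\\x3a", ":"))  # gpg escapes ':' as \x3a
    return uids

class SigningSession:
    """One independent challenge per user ID; nothing is shared between IDs."""

    def __init__(self, uids):
        # Assumption: each challenge is mailed only to the address in that ID.
        self.pending = {uid: secrets.token_hex(16) for uid in uids}
        self.verified = set()

    def challenge_for(self, uid):
        return self.pending[uid]

    def confirm(self, uid, returned):
        """Mark uid verified only if its own challenge came back."""
        expected = self.pending.get(uid)
        ok = expected is not None and secrets.compare_digest(expected, returned)
        if ok:
            self.verified.add(uid)
        return ok

    def signable(self):
        """IDs that may be certified; unverified IDs stay unsigned."""
        return sorted(self.verified)
```

A reply that proves control of one address leaves every other ID on the key outside `signable()`, which is the point of the objection quoted at the top of the message.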