>>"Robbe" == Robert Bihlmeyer <[EMAIL PROTECTED]> writes:
 Robbe> What additional security does this protocol offer over simple ID
 Robbe> checking? IOW, what problem does it solve?

Are you implying that ensuring the person whose identity you verified actually controls the email address and the secret pass phrase adds no value to the web of trust?

 >> It has an enormous flaw: you do not sign a key, you sign an id.

 Robbe> Indeed. And I usually consider the e-mail not part of the signed data
 Robbe> (although, technically it is). It would be good to make that
 Robbe> explicit by having one uid on the key without e-mail. I'd sign just
 Robbe> that, and - frankly - I'm not that interested in whether the e-mail is
 Robbe> signed by anybody besides the owner of the key.

So a compromiser can just merrily add email addresses that never point to the owner, and the owner shall never know. I would much rather send email to an ID that is in my web of trust -- not just an id attached to a key that happens to be in my web of trust.

        manoj
-- 
If it happens once, it's a bug. If it happens twice, it's a feature. If it happens more than twice, it's a design philosophy.
Manoj Srivastava <[EMAIL PROTECTED]> <http://www.debian.org/%7Esrivasta/>
1024R/C7261095 print CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C