On Tue, Apr 17, 2001 at 09:20:40AM +0200, Peter Palfrader wrote: > You miss the point, imagine the following situation: > > We meet, I show you my ID and give you the fingerprint. > My key has two IDs: > Peter Palfrader <[EMAIL PROTECTED]> > Peter Palfrader <[EMAIL PROTECTED]> > > You sign both and send the key to my primary address or upload it to the > keyserver. > > Congratulations, you have just allowed me to impersonate Peter Palfrader > <[EMAIL PROTECTED]>, who happens to be an all together different Peter > Palfrader than me.
If I only signed the first one you enter the web of trust, and hence can sign yourself the other one. -Ralf.
