On Fri, Jul 07, 2006 at 07:22:40PM +0200, Mark Kirchner wrote:
> On Friday, July 7, 2006, 11:19:47 AM, Marcus wrote:
> > * Todd Zullinger <[EMAIL PROTECTED]> wrote:
> >
> >> What I don't see in any of the links is more information about sending
> >> an email challenge before signing a key. (My apologies if I'm
> >> overlooking it on your page or any of the others.)
> >
> > Before, I used a protocol for signing keys where I sent out random strings
> > as a challenge-response, but it's not worth it. There is no enhanced security
> > and only more work for "signer" and "signee". If you send the signed UIDs
> > encrypted to each mail address separately, it has the same effect in
> > security.
>
> I don't think that's true: decryption is (usually) handled by the
> encryption subkey, and there's absolutely no guarantee that this subkey
> is controlled by the same person as the primary/signing key. There may
> even be valid reasons to split the two "roles".
>
> Since UIDs are attached to the primary key and the primary key is the
> only one that can modify UIDs (and signing a key is all about UIDs),
> this system can't prove what it's supposed to prove: the link between
> the UID (better: the e-mail address in it) and the person in control
> of it.
This is exactly correct. The "identity" (for lack of a better word) is the primary+UID. Since that is what you are signing when you sign someone's key, that is what you should be verifying before you make the signature.

David

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
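The split-role scenario Mark describes, worked through as an added example that is not part of the thread and is not GnuPG code. It models an OpenPGP-style certificate as a toy struct with one UID, an Ed25519 primary (signing) key and an RSA encryption subkey, and deliberately gives the two private keys to different holders ("alice" has the primary, "bob" has the subkey; both names, the UID string and the struct layout are this example's own constructions). Two verification protocols are then run against each holder: the "send the signed UID encrypted to the address" approach, which only tests who can decrypt with the subkey, and a challenge that must be signed with the primary key, which tests the thing the certification actually binds to (primary+UID):

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Cert is a toy stand-in for an OpenPGP certificate: one UID bound to a
// primary (signing) key, plus an encryption subkey. The field names are
// this example's own, not GnuPG's.
type Cert struct {
	UID        string
	PrimaryPub ed25519.PublicKey
	SubkeyPub  *rsa.PublicKey
}

// Holder is whoever holds a private key. The primary key and the
// encryption subkey may be held by different parties, so each Holder
// carries only the secrets it actually has (nil for the ones it lacks).
type Holder struct {
	Name        string
	PrimaryPriv ed25519.PrivateKey
	SubkeyPriv  *rsa.PrivateKey
}

// NewSplitKey builds a cert whose primary key goes to "alice" and whose
// encryption subkey goes to "bob" (constructed scenario for this example).
func NewSplitKey(uid string) (Cert, Holder, Holder, error) {
	primPub, primPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return Cert{}, Holder{}, Holder{}, err
	}
	subPriv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return Cert{}, Holder{}, Holder{}, err
	}
	cert := Cert{UID: uid, PrimaryPub: primPub, SubkeyPub: &subPriv.PublicKey}
	alice := Holder{Name: "alice (holds primary key)", PrimaryPriv: primPriv}
	bob := Holder{Name: "bob (holds encryption subkey)", SubkeyPriv: subPriv}
	return cert, alice, bob, nil
}

// EncryptedTokenChallenge is the "mail the signed UID encrypted to the
// address" protocol: the signer encrypts a random token to the cert's
// encryption subkey, and whoever reads that mailbox must send the token
// back. It reports whether the responder could recover the token, which
// only proves control of the encryption subkey.
func EncryptedTokenChallenge(cert Cert, responder Holder) (bool, error) {
	token := make([]byte, 16)
	if _, err := rand.Read(token); err != nil {
		return false, err
	}
	// Signer side: RSA-OAEP to the subkey, UID as the OAEP label.
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, cert.SubkeyPub, token, []byte(cert.UID))
	if err != nil {
		return false, err
	}
	// Responder side: without the subkey there is nothing to answer with.
	if responder.SubkeyPriv == nil {
		return false, nil
	}
	pt, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, responder.SubkeyPriv, ct, []byte(cert.UID))
	if err != nil {
		return false, nil
	}
	return bytes.Equal(pt, token), nil
}

// SignedChallenge asks the responder to sign nonce||UID with the primary
// key; the signer verifies against the cert's primary public key. Passing
// this binds the response to the key that actually owns the UID.
func SignedChallenge(cert Cert, responder Holder) (bool, error) {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return false, err
	}
	msg := append(append([]byte{}, nonce...), []byte(cert.UID)...)
	if responder.PrimaryPriv == nil {
		return false, nil
	}
	sig := ed25519.Sign(responder.PrimaryPriv, msg)
	return ed25519.Verify(cert.PrimaryPub, msg, sig), nil
}

func main() {
	cert, alice, bob, err := NewSplitKey("Alice Example <alice@example.org>")
	if err != nil {
		panic(err)
	}
	for _, h := range []Holder{alice, bob} {
		enc, _ := EncryptedTokenChallenge(cert, h)
		sig, _ := SignedChallenge(cert, h)
		fmt.Printf("%-32s encrypted-token: %-5v primary-signed: %v\n", h.Name, enc, sig)
	}
}
```

Run as-is: the holder with only the encryption subkey passes the encrypted-token check and fails the primary-key signature check, while the holder of the primary key does the reverse. That is the gap Mark points out: the first protocol attests to the subkey, but the certification being made is over the primary key plus UID.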