From: m5@vail.tivoli.com (Mike McNally)
Date: Sun, 3 Apr 94 07:39:24 PDT
To: prz@acm.org
Subject: Re: Positive uses for PGP
In-Reply-To: <9404030811.AA03068@columbine.cgd.ucar.EDU>
Message-ID: <9404031439.AA03546@vail.tivoli.com>
MIME-Version: 1.0
Content-Type: text/plain


> There is no prize for the best story, but for what it's worth, I'll
> sign the public key of the person who submits the best story by
> Monday, April 11th.

I certainly don't mean to deny the service Mr. Zimmerman has done the
on-line community, nor do I wish to imply that the above offer is
attractive, but I'm a little confused.  If Mr. Zimmerman's signature
(or anyone else's for that matter) is available on such light pretenses,
what is the value towards ensuring authenticity?  I was under the 
impression that key signing was to be done between associates who can
attest to the tangible reality of the entities behind the keys.  (No,
I'm not Detweilering; I speak of the ostensible use of the signature
chain.)

I guess I could be misinterpreting the whole thing.