From: pmetzger@shearson.com (Perry E. Metzger)
Date: Tue, 6 Oct 92 15:59:23 PDT
To: Tom.Jennings@f111.n125.z1.fidonet.org
Subject: Nuts & Acorns
In-Reply-To: <2654.2AD20C59@fidogate.FIDONET.ORG>
Message-ID: <9210062244.AA07304@newsu.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain


>From: Tom.Jennings@f111.n125.z1.fidonet.org (Tom Jennings)

>Not my worry. What I meant was, how do I know htat the keyfile I
>received from "John Smith @ net address" really is his, and not some
>faker. Short of physically getting key disks from someone face to
>face (flatly im-possible here), I don't know.

This is like asking "how do I get a bullet to stop in mid air and
launch itself back into the bullet casing in the breech of the gun".
You don't. Obviously, the only way to trust a key enough to certify it
is to actually get it in person and verify identity. This is often
impractical, but so what? If people want to communicate and the only
assurance your signature gives them is that you got a copy of the keys
by email, they might as well just email each other they keys and live
knowing that the messages they are sending are to possibly
non-securely identified people. Signed introduced keys should be
reserved for times when you can actually add real information by
claiming the key is really owned by the person who claims it.

This does mean that a lot of the time until people have built up
catenative assembleges of keys sufficent to form a "chain of trust"
for unknown people that they will simply have to do without
certification of the other person's identity. Isn't that the way life
usually is, though?

Perry