From: Karl L. Barrus <barrus@tree.egr.uh.edu>
Date: Mon, 4 Jan 93 12:04:01 PST
To: ASTMWILL%STETSON.bitnet@CUNYVM.CUNY.EDU
Subject: Acceptance of Keys
In-Reply-To: <01GT4DS9PKZ40000QP@stetson.bitnet>
Message-ID: <9301042003.AA13849@tree.egr.uh.edu>
MIME-Version: 1.0
Content-Type: text/plain


Matt,

	You posted some very good questions.  The reason why it is
"unacceptable" to accept keys electronically is that you may be
vulnerable to spoofing.  Okay, in reality, you have to realize that
attacking cryptographic protocols is a paranoid view of things, and
that you may not be attacked, but... if you send your public key to
somebody, it could be possible for someone to eavesdrop, grab your
key, substitute their own, and send that one along.  Then when someone
responds to "you", the eavesdropper could read the message, re-encrypt
it with the public key they stole, and send it along to you.  Then,
you don't even know you are the victim of eavesdropping.
	Anyway, it all boils down to validating the keys you receive.
Which makes it tough unless you can meet people face to face.
However, the latest version of pgp contains an option which computes
the md5 hash of your public key - which allows you to call someone,
and read each others hashes, thus completing the verification over the
phone.  Of course, now you have to worry about receiving their correct
phone number... :-)
	
/-----------------------------------\
| Karl L. Barrus                    |
| barrus@tree.egr.uh.edu (NeXTMail) |
| elee9sf@menudo.uh.edu             |
\-----------------------------------/