From: J. Michael Diehl <mdiehl@triton.unm.edu>
To: cdodhner@indirect.com (Christian D. Odhner)
Message Hash: cba6ba36151e0c1fd6c2dfa47bd72bd43cab4ce2c0ed87a436fff7b44a62fa12
Message ID: <9309062046.AA04749@triton.unm.edu>
Reply To: <199309061407.AA13849@indirect.com>
UTC Datetime: 1993-09-06 20:51:26 UTC
Raw Date: Mon, 6 Sep 93 13:51:26 PDT
From: J. Michael Diehl <mdiehl@triton.unm.edu>
Date: Mon, 6 Sep 93 13:51:26 PDT
To: cdodhner@indirect.com (Christian D. Odhner)
Subject: Re: Key signing, authentication
In-Reply-To: <199309061407.AA13849@indirect.com>
Message-ID: <9309062046.AA04749@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain
According to Christian D. Odhner:
>
> Recently there was some discussion about when to sign somebody's public
> key and when not to. Does anybody have a short, to the point set of
> guidelines on when it is ok to sign? I think minimum requirements to sign
> would most likely be receiveing that key from the owner both on and off
> the net. That way somebody on the net who is doing man-in-the-middle type
> attacks is thwarted, as is somebody who gives you the key off the net with
> a false net-id. Anyway, I'm sure there's more to it than that, like are
> phone calls ok? I mean, how did you get the # anyway? And what about
> meeting the person in the flesh? How do you know they are the same person
> you talk to on the net? Thinking too much about this could make a person
> .realy. paranoid!
Well, I think I started that thread with a query. I got lots of discussion and
summarized the (most conservative) concensus in my .plan file. You can read my
policy by typing finger mdiehl@triton.unm.edu. Hope this helps.
>"The NSA can have my secret key when they pry
>it from my cold, dead, hands... But they shall
>NEVER have the password it's encrypted with!"
I love it! ;^)
>
J. Michael Diehl ;^) |*The 2nd Amendment is there in case the
mdiehl@triton.unm.edu | Government forgets about the 1st! <RL>
Mike.Diehl@f29.n301.z1 |*God is a good Physicist, and an even
.fidonet.org | better Mathematician. <Me>
al945@cwns9.ins.cwru.edu|*I'm just looking for the opportunity to
(505) 299-2282 (voice) | be Politicly Incorrect! <Me>
Can we impeach him yet? |*Protected by 18 USC 2511 and 18 USC 2703.
PGP Key = 7C06F1 = A6 27 E1 1D 5F B2 F2 F1 12 E7 53 2D 85 A2 10 5D
Return to September 1993
Return to “J. Michael Diehl <mdiehl@triton.unm.edu>”