> From: David Honig > Sent: Tuesday, June 10, 2003 11:53 PM > Subject: RE: Keyservers and Spam > > You email your key to those who justify the request. In plaintext, > or on the phone. What is the problem with that?
The possibility of a MITM attack. I observe that "confirmation" of the fingerprint by phone is worthless unless the recipient is able to recognise my voice. In the case of a stranger, that won't be the case. Jill --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]