> From: David Honig 
> Sent: Tuesday, June 10, 2003 11:53 PM
> Subject: RE: Keyservers and Spam
> You email your key to those who justify the request.  In plaintext,
> or on the phone.  What is the problem with that? 

The possibility of a MITM attack.

I observe that "confirmation" of the fingerprint by phone is worthless
unless the recipient is able to recognise my voice. In the case of a
stranger, that won't be the case.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to