Whoops! I've just realised the error in my own logic there. Of course a MITM could send a fake key, but the digital signatures on it still can't be faked. In that sense, I am simply acting as a keyserver for my own key.
I withdraw the below email, and apologise for posting it without thinking it through a bit more thoroughly. Jill -----Original Message----- From: Jill Ramonsky Sent: Wednesday, June 11, 2003 9:20 AM To: [EMAIL PROTECTED] Subject: RE: Keyservers and Spam > From: David Honig > Sent: Tuesday, June 10, 2003 11:53 PM > Subject: RE: Keyservers and Spam > > You email your key to those who justify the request. In plaintext, > or on the phone. What is the problem with that? The possibility of a MITM attack. Jill --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]