Manoj Srivastava <[EMAIL PROTECTED]> writes:
> Are you implying that ensuring the person whose identity you
> verified actually controls the email address and the secret pass
> phrase adds no value to the web of trust?
Not to me (but obviously to you, so overall the web's value is
increased, can't argue with that).
I basically trust the person to not lie. An evil person could induce
me to:
* send her messages that she could not decrypt (she lied to me about
owning the key).
* send messages to a mail address that
- bounces,
- is never read,
- belongs to another person, who can't decrypt it.
In all these scenarios, the maximum loss for me is the work I put into
that mail (although I often keep copies, so it may not be entirely
lost), and the gain to the attacker is zero.
> Robbe> [...] I'm not that interested in whether the e-mail is
> Robbe> signed by anybody besides the owner of the key.
>
> So a compromiser can just merrily add email addresses that
> never point to the owner, and the owner shall never know.
Re-read what I said: while I don't care about others signing
additional ids, I consider ids not signed by the key highly dubious.
Your compromiser can't add self-signed ids to a public key unless he
holds the corresponding private key.
--
Robbe
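Robbe's point that a user ID not self-signed by the key is dubious can be checked mechanically. The following is an added example, not code from this thread: it walks the machine-readable `gpg --list-sigs --with-colons` output (the record layout is assumed from GnuPG's documented format) and reports every UID that carries no signature from the key's own primary key. The key listing below is constructed, not a real key.

```python
# Added example (not from the mailing-list thread): flag user IDs on an
# OpenPGP key that lack a self-signature, i.e. UIDs that anyone could have
# attached to the key without holding the private key. Parses the
# colon-separated records of `gpg --list-sigs --with-colons`.
from typing import List, Set, Tuple

# Constructed sample listing (assumed record layout, no real key):
# pub: field 5 is the primary key ID; uid: field 10 is the user ID string;
# sig: field 5 is the key ID of the signer. sig records follow the uid
# (or pub/sub) record they certify. The second UID here carries only a
# third-party certification, the third carries no signature at all.
SAMPLE_LISTING = """\
pub:u:4096:1:ABCDEF0123456789:1420070400:::u:::scESC::::::23::0:
sig:::1:ABCDEF0123456789:1420070400::::Alice <alice@example.org>:1Fx:::::2:
uid:u::::1420070400::0123456789ABCDEF0123456789ABCDEF01234567::Alice <alice@example.org>::::::::::0:
sig:::1:ABCDEF0123456789:1420070400::::Alice <alice@example.org>:13x:::::2:
sig:::1:1111222233334444:1420156800::::Bob <bob@example.org>:10x:::::2:
uid:u::::1425000000::89ABCDEF0123456789ABCDEF0123456789ABCDEF::Alice <alice@example.net>::::::::::0:
sig:::1:1111222233334444:1425086400::::Bob <bob@example.org>:10x:::::2:
uid:u::::1430000000::FEDCBA9876543210FEDCBA9876543210FEDCBA98::Alice <alice@example.com>::::::::::0:
sub:u:4096:1:9999888877776666:1420070400::::::e::::::23:
sig:::1:ABCDEF0123456789:1420070400::::Alice <alice@example.org>:18x:::::2:
"""


def parse_uid_signers(listing: str) -> List[Tuple[str, str, Set[str]]]:
    """Return (primary_key_id, uid, signer_key_ids) for every uid record.

    Signatures that follow a pub or sub record (direct key signatures and
    subkey bindings) are not UID certifications and are ignored.
    """
    entries: List[Tuple[str, str, Set[str]]] = []
    key_id = None
    current: Set[str] | None = None  # signer set of the uid being scanned
    for line in listing.splitlines():
        fields = line.split(":")
        if fields[0] == "pub":
            key_id, current = fields[4], None
        elif fields[0] == "sub":
            current = None
        elif fields[0] == "uid" and key_id is not None:
            current = set()
            entries.append((key_id, fields[9], current))
        elif fields[0] == "sig" and current is not None:
            current.add(fields[4])
    return entries


def uids_without_selfsig(listing: str) -> List[Tuple[str, str]]:
    """UIDs whose signer set does not contain the key's own primary key ID."""
    return [(k, uid) for k, uid, signers in parse_uid_signers(listing)
            if k not in signers]
```

Run against a real keyring with `gpg --list-sigs --with-colons | python3 -c '...'`; a non-empty result is the "highly dubious" case from the post, not proof of compromise.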