On Tuesday 10 April 2007 23:51, Arthur Hagen wrote: > On Tue, 2007-04-10 at 23:27 +0200, Magnus Holmgren wrote: > > And even if you can't trust that I am me, you can still be confident > > that all > > messages signed with this key come from the same person. > > That's another (and common) fallacy. That's only the case if the holder > of the key can be trusted to keep the secret key confidential. When the > holder of the key can't be trusted to his identity, that can't be > trusted either.
It is in his own interest to keep it secret, and to have a revocation
certificate ready in case it's compromised. If that's not enough for you, you
really can't trust that person with anything, cryptographic or not.
--
Magnus Holmgren [EMAIL PROTECTED]
(No Cc of list mail needed, thanks)
"Exim is better at being younger, whereas sendmail is better for
Scrabble (50 point bonus for clearing your rack)" -- Dave Evans
pgpZbaNhUrUlv.pgp
Description: PGP signature
-- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
