On Mon, Oct 8, 2012 at 8:51 AM, Branko Čibej <[email protected]> wrote:
> It says clearly, "as long as you can guarantee that you are > communicating with the key's true owner." Which was exactly my point. I assert a "virtual key-signing party" protocol incorportating Google Plus Hangouts could offer comparable assurances to a face-to-face key signing party. I speculate that such a protocol would utilize the "Hangouts On Air"[1] feature which archives the hangout video directly to YouTube, along with possibly mailing list interaction and commits to ASF version control to achieve a layered approach a la multi-factor authentication. Arguably, having archived video would make the virtual protocol _stronger_ than face-to-face. Whether such an initiative would be worth the effort is a different question, but video conferencing should not be dismissed out-of-hand as a tool for helping to associate a key with the key's true owner. [1] http://www.google.com/+/learnmore/hangouts/onair.html --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
