On Mon, 24 Jul 2006, David Shaw wrote:
Note that there is a difference between what page at
http://www.hantslug.org.uk/cgi-bin/wiki.pl?LinuxHints/KeySigning says
and what you say above. The page (correctly) notes that all that is
necessary is that the person *sign* the challenge before sending it back
to you. The page makes clear ("encrypted, if you like") that encryption
is optional here, and adds little to what you are trying to prove. It
doesn't matter if other people can read the signed challenge or not.
Of course, it doesn't hurt to encrypt, so long as it is understood that
it doesn't really help either.
======================
other than adding an extra step to the process, what is gained by signing
a challenge instead of encrypting a key certification (key signature) to
the recipient's public key?
assuming that the primary key is the signing key, the protocol outlined in
the link, above, does NOT demonstrate that the recipient controls the
private half of the encryption subkey.
if, instead, the signed key is encrypted to the recipient, the key
signature is only useful AFTER the recipient has proven their control of
the private encryption key... this protocol simultaneously demonstrates
their control of the primary key (used to self-sign the UID and encryption
subkey) and email address.
--
...atom
________________________
http://atom.smasher.org/
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
-------------------------------------------------
"Nationalism is the childness sickness of Man.
It is the whooping cough of adults"
-- Albert Einstein
_______________________________________________
Gnupg-users mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
