On Friday 15 November 2013 11:39:30 Phil Calvin wrote:
> On Nov 15, 2013, at 11:02, "Thomas Harning Jr." <harni...@gmail.com> wrote:
> > The general practice I follow is to verify fingerprint and ID separately
> > then, in order to verify control of email address and private key, send
> > the signed ID encrypted to the provided email address.
>
> That makes perfect sense. That's the approach I took on the most recent key
> I signed.
>
> What attacks are mitigated by verifying control of the secret key, though? I
> am having a hard time grokking the benefit for someone whose ID you have
> verified to present and fingerprint a key which she does not control.
By signing the UIDs connected to a key you certify that the UIDs (most commonly email addresses) belong to the same person. You and people trusting your certifications could be led into sending an encrypted message meant for the owner of an email address not belonging to the key owner to one of the email addresses of the key owner.

It may seem a bit far-fetched that somebody would use one of the email addresses of the key owner instead of the email address of the intended recipient, but a possible reason for this could be that the email address of the intended recipient stopped working (e.g. because he changed his ISP or his employer).

Regards,
Ingo
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
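The per-UID delivery practice quoted at the top of the thread, written out as an added example (it is not code from any of the posters): each user ID's certification is exported on its own, encrypted to the key it certifies, and mailed only to that UID's address, so importing it requires both the private key and that mailbox. It assumes gpg 2.1 or newer (for `--export-filter`) and a sendmail-compatible MTA on PATH; the fingerprint, mailboxes and sender address are placeholders.

```shell
#!/bin/sh
# Added example, not code from the thread. Mails each user ID's certification
# separately, encrypted to the key it certifies, so only someone holding both
# the private key and that mailbox can decrypt and import the signature.
# Assumes gpg >= 2.1 (--export-filter) and a sendmail-compatible MTA on PATH.

# Print the mailbox of every usable (not revoked or expired) UID found in a
# `gpg --with-colons --list-keys <fpr>` listing read on stdin, one per line.
# Field 2 of a uid record is its validity, field 10 the user ID string.
list_mboxes() {
    awk -F: '$1 == "uid" && $2 != "r" && $2 != "e" &&
             match($10, /<[^>]+>/) { print substr($10, RSTART + 1, RLENGTH - 2) }'
}

# Export key $1 with only the UID for mailbox $2 kept (our certification on it
# included), encrypt that export to key $1 itself and write it to file $3.
export_signed_uid() {
    gpg --export --export-filter "keep-uid=mbox = $2" "$1" |
        gpg --armor --output "$3" --recipient "$1" --encrypt
}

# Build and send the notification for one UID: the certification for an
# address only reaches someone who reads that mailbox, and it is only usable
# after decryption with the private key. $1 = fingerprint, $2 = mailbox,
# $3 = our own From address.
mail_signed_uid() {
    tmp=$(mktemp) || return 1
    export_signed_uid "$1" "$2" "$tmp" || { rm -f "$tmp"; return 1; }
    {
        printf 'From: %s\nTo: %s\n' "$3" "$2"
        printf 'Subject: Your certified OpenPGP user ID %s\n\n' "$2"
        printf 'Decrypt this message and feed the result to: gpg --import\n\n'
        cat "$tmp"
    } | sendmail -t
    rm -f "$tmp"
}

# Run over every usable UID of a key that was already certified locally with
# `gpg --sign-key <fpr>` after the ID and fingerprint were checked in person.
# Placeholder usage: deliver_certifications <FINGERPRINT> signer@example.org
deliver_certifications() {
    gpg --with-colons --list-keys "$1" | list_mboxes | while read -r mbox; do
        mail_signed_uid "$1" "$mbox" "$2"
    done
}
```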