Re: ADMIN: proposed new policy on the mailing list
> Here's one: How do you verify a signature for an anonymous,
> first time poster?
You don't try -- what would it mean? You accept the provided public
key, and use it to check the continuity of the pseudonym.
> How do we prevent people from registering a key in
> someone else's name??? It's beyond me.
The list, to check signatures, has to have a trusted key from
each nym. But there are different sorts of trust. One might
certify that a given key belongs to a known real-world meat
machine. Or one might certify only that it corresponds to the
legitimate user of a given net address. In theory, one could
even certify that the key holder was not forced to hand a copy
over to the NSA, or make whatever other guarantees one chooses.
I think the trusting of keys should be left to individuals, who
may have different ideas of what it means for them to accept
a given signature.
In PGP's "web of trust" model, is there a general consensus on what
it means to sign someone's key?
> Wonderer
Eli [email protected]
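
The key-continuity check described in the reply above, as an added example that is not part of the original message: the list pins whatever key arrives with a nym's first post and requires later posts under that nym to verify under the same key. It assumes Ed25519 keys from the Go standard library in place of PGP, and the names Post, Registry, Check and NewPost are hypothetical.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"errors"
	"fmt"
)

// Post is a hypothetical list submission carrying the sender's public key.
type Post struct {
	Nym       string
	Key       ed25519.PublicKey
	Body, Sig []byte
}

var (
	ErrBadSignature = errors.New("signature does not verify under the supplied key")
	ErrKeyChanged   = errors.New("key differs from the one pinned for this nym")
)

// Registry pins the first key seen for each nym (trust on first use).
type Registry map[string]ed25519.PublicKey

// Check pins an unknown nym's key (firstUse=true); it shows continuity, not identity.
func (r Registry) Check(p Post) (firstUse bool, err error) {
	if len(p.Key) != ed25519.PublicKeySize || !ed25519.Verify(p.Key, p.Body, p.Sig) {
		return false, ErrBadSignature
	}
	known, ok := r[p.Nym]
	if !ok {
		r[p.Nym] = append(ed25519.PublicKey(nil), p.Key...)
		return true, nil
	}
	if !bytes.Equal(known, p.Key) {
		return false, ErrKeyChanged
	}
	return false, nil
}

// NewPost signs a constructed sample body with the given key pair.
func NewPost(nym, body string, pub ed25519.PublicKey, priv ed25519.PrivateKey) Post {
	return Post{Nym: nym, Key: pub, Body: []byte(body), Sig: ed25519.Sign(priv, []byte(body))}
}

func main() {
	r := Registry{}
	pub, priv, _ := ed25519.GenerateKey(nil)
	fmt.Println(r.Check(NewPost("nym-a", "hello", pub, priv)))
}
```

A post that fails verification is rejected before anything is pinned, so an unsigned or tampered first post cannot claim a nym.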