[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Key Servers



Wonderer> == wonderer  <[email protected]>

 Wonderer> I don't see what you mean by key servers for only true names.
 Wonderer> How do you know that a true name isn't just a false identity
 Wonderer> created with a real account on some system? How do you
 Wonderer> differentiate a true name from a unix account?

You can't.

As has already been pointed out on the list, the key servers have nothing
to do with binding keys to humans (or other entities, presumably :-).
Only a trusted (by you) key signature can do that; the key servers merely
serve as a way to distribute the keys.

The way to "certify" a key as belonging to a True Name is (again, as has
already been pointed out) to have a signing key that goes along with some
policy.  That gives keys signed by that key some level of trust, depending
of course on how stringent the policy and how much you trust the signer
not to be fooled (or malicious).

If someone wishes to only deal with cyberspacial entities that have
Certified True Names, then that someone can easily take steps to do so.
(And if that someone decides that I'm simply a "brand new Tentacle" or
whatever, that's not my problem; I'm easy enough to verify as a human, if
it's that big a deal...)
-- 
Christopher Davis * <[email protected]> * (was <[email protected]>) * MIME * RIPEM * [CKD1]
   This netnews posting is presented in the original 80-column aspect ratio.
The black bars bordering the headers and .signature are normal for this format.