How byzantine! PGP 2.1 will have a much more convenient facility for verifying public keys that you receive over the network. If you say "pgp -kvc karn", for example, it will display the MD-5 hash of karn's public key as 16 hex bytes. If you know the sound of my voice, you can call me on the phone and have me read off the hash code that I compute here on my key so you can compare it to the value you computed. If they match, you can sign my key with reasonable confidence. About the only way to defeat this system is for the bad guy who feeds you the bogus key in my name to come to my house and hold a gun to my head as I receive your phone call.

I would much rather trust a simple verification procedure based on redundancy and close personal relationships than a single, complex, impersonal process involving people I don't know. This is not to impugn your integrity, of course -- I'm simply speaking on principle.

People need to be very selective about the signatures they sign, otherwise they will become meaningless. I've already had people sign my public key without any verification that it is legit. This is a no-no.

I am bothered by the message that PGP currently generates when it reads in some new public keys asking if you'd like to certify each new key. Even though the default is "no", it makes it too easy to sign a key without really verifying its authenticity.

Phil
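The phone-call check described above, as an added example that is not part of the original message or of PGP itself: the fingerprint is modelled as the MD5 of the key material, printed as 16 hex bytes in the PGP 2.x style, and the receiver compares it to what the owner reads aloud. The two "keys" are constructed sample bytes, and exactly which bytes PGP 2.x hashes is left out (assumption).

```python
"""Out-of-band fingerprint check in the style of "pgp -kvc".

The key material below is constructed sample data, not a real key, and
hashing the whole byte string is a simplification of what PGP 2.x does.
"""
import hashlib
import hmac
import re

# Constructed sample "public keys" for two parties claiming the same name.
GENUINE_KEY = b"constructed RSA modulus and exponent for karn"
BOGUS_KEY = b"substituted key an attacker sends under the name karn"


def fingerprint(key_material: bytes) -> str:
    """MD5 of the key as PGP 2.x prints it: uppercase hex pairs,
    space separated, with a double space after the eighth byte."""
    digest = hashlib.md5(key_material).digest()  # 16 bytes
    pairs = [f"{b:02X}" for b in digest]
    return " ".join(pairs[:8]) + "  " + " ".join(pairs[8:])


def normalize(spoken: str) -> str:
    """Reduce a fingerprint as read over the phone (any case, spaces,
    colons, dashes) to 32 bare hex digits so presentation does not matter."""
    digits = re.sub(r"[^0-9a-fA-F]", "", spoken).upper()
    if len(digits) != 32:
        raise ValueError(f"expected 32 hex digits, got {len(digits)}")
    return digits


def matches(local_key: bytes, spoken_fingerprint: str) -> bool:
    """Receiver's side: hash the key copy you actually hold and compare it,
    in constant time, with the value the owner read to you.  Only a True
    result gives reasonable confidence to sign the key."""
    mine = normalize(fingerprint(local_key))
    theirs = normalize(spoken_fingerprint)
    return hmac.compare_digest(mine, theirs)


if __name__ == "__main__":
    # The owner reads the fingerprint of the genuine key over the phone.
    spoken = fingerprint(GENUINE_KEY)
    print("owner reads out:", spoken)
    # A listener holding the genuine copy gets a match; one who was fed the
    # substituted key gets a mismatch and must not sign.
    print("genuine copy matches:", matches(GENUINE_KEY, spoken))
    print("substituted copy matches:", matches(BOGUS_KEY, spoken))
```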