<tytso@ATHENA.MIT.EDU> allegedly (:-) writes:
key-signing policies available _signed_ with their private key; that I noticed in the pgp docs that there is a "signature classification field" which has a (rather small) set of reserved values, only one of which is actually implemented:

10 - Key certification, generic. Only version of key certification supported by PGP 2.0. Material signed is public key pkt and User ID pkt.
11 - Key certification, persona. No attempt made at all to identify the user with a real name. Material signed is public key pkt and User ID pkt.
12 - Key certification, casual identification. Some casual attempt made to identify user with his name. Material signed is public key pkt and User ID pkt.
13 - Key certification, positive ID. Heavy-duty identification efforts, photo ID, direct contact with personal friend, etc. Material signed is public key pkt and User ID pkt.
we would then still need to trust that the entity is telling the truth
I think we probably need a similar "web" certifying operational procedures. (That is, I believe, one thing that the PEM hierarchy claims to provide -- the institutional signature providers are audited, etc. to guarantee that they provide the claimed level of security.) Some people trust my signatures more than other signatures because I'm already known to be somewhat "paranoid" w.r.t. security matters...

_Mark_ <eichin@athena.mit.edu>
MIT Student Information Processing Board
Cygnus Support <eichin@cygnus.com>
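
The classification field discussed in the message above can be read straight out of a signature packet. The following is an added example, not part of the original message and not PGP's own code: it assumes the old-format PGP 2.x signature packet layout (later documented in RFC 1991), treats the listed class values as hexadecimal as the PGP format document does, and uses hypothetical function names and a constructed sample packet.

```python
import struct

# Classes quoted in the message; the PGP format document gives them in hex.
CERT_LEVELS = {0x10: "generic", 0x11: "persona", 0x12: "casual", 0x13: "positive ID"}

def parse_v3_signature(packet: bytes) -> dict:
    """Parse the fixed fields of an old-format (PGP 2.x) signature packet."""
    ctb = packet[0]
    # Old-format CTB: bit 7 set, bit 6 clear, bits 5-2 = packet tag (2 = signature).
    if ctb & 0xC0 != 0x80 or (ctb >> 2) & 0x0F != 2:
        raise ValueError("not an old-format signature packet")
    if ctb & 0x03 == 3:
        raise ValueError("indeterminate-length packets are not handled here")
    len_size = 1 << (ctb & 0x03)              # 1, 2 or 4 length octets
    body_len = int.from_bytes(packet[1:1 + len_size], "big")
    body = packet[1 + len_size:1 + len_size + body_len]
    if len(body) != body_len or body_len < 19:
        raise ValueError("truncated signature packet")
    version, hashed_len, sig_class, created = struct.unpack(">BBBI", body[:7])
    if version not in (2, 3) or hashed_len != 5:
        raise ValueError("unexpected version or hashed-material length")
    return {"class": sig_class, "created": created,
            "key_id": body[7:15].hex().upper(),
            "pk_algo": body[15], "hash_algo": body[16]}

def certification_level(packet: bytes):
    """Name of the certification class, or None for a non-certification signature."""
    return CERT_LEVELS.get(parse_v3_signature(packet)["class"])

def meets_policy(packet: bytes, minimum: int = 0x12) -> bool:
    """True if the signer claims at least `minimum`. The class is only the
    signer's assertion; the signature itself must still be verified separately."""
    sig_class = parse_v3_signature(packet)["class"]
    return sig_class in CERT_LEVELS and sig_class >= minimum

def make_sample(sig_class: int) -> bytes:
    """Constructed test packet: made-up key ID, timestamp and one-byte 'signature'."""
    body = (bytes([3, 5, sig_class]) + struct.pack(">I", 725846400)
            + bytes.fromhex("0123456789ABCDEF") + bytes([1, 1])   # RSA, MD5
            + b"\xAB\xCD" + b"\x00\x08\xFF")                       # hash check, MPI
    return b"\x89" + struct.pack(">H", len(body)) + body

if __name__ == "__main__":
    for cls in (0x10, 0x11, 0x13, 0x00):
        pkt = make_sample(cls)
        print(hex(cls), certification_level(pkt), meets_policy(pkt))
```

Because PGP 2.0 only emits the generic class, every such signature fails any policy that asks for a stated level of identification.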