Phil Karn says:
To me at least this seems unimportant for the application. If all you're doing is exchanging session keys over the phone, it doesn't really matter if you are sure that the public key actually belongs to who it claims it does,
Well...yes. *If* you know the person you are talking to, then you can read off your session key (or preferably its hash) to guard against the man in the middle. But let's say you are being referred to someone who you don't already know (or you know them only by email, and have no idea what they sound like). You trust this person, but you can't depend on an oral challenge-response. The existing PGP web should be handy here.
I think that we are too casual about this -- Rich Little or someone similar could easily impersonate your voice over a vocoder well enough that, unless I decided to do a "so, tell me about what we had for lunch last week" routine, you couldn't tell the difference. I think that even if you DO know the other person, verification is valuable -- especially given the distortionary effects of vocoders.

Perry
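The mechanism the two messages are arguing over, as an added example that is not part of the original thread: an unauthenticated Diffie-Hellman exchange where each side reads a short hash of its session key aloud. A man in the middle necessarily ends up with a different secret on each leg, so the two read-outs disagree unless the attacker can also speak in the other party's voice and read out her own values, which is Perry's point. The modulus is the 768-bit MODP group 1 from RFC 2409 (generator 2); the function names, the 20-bit short authentication string and the simulated attacker are this example's own choices, not anything from the thread.

```python
"""Voice-verified Diffie-Hellman: reading the session-key hash aloud versus a
man in the middle (MITM), with and without a voice impersonator.

Added example, not code from the original thread. Only the modulus/generator
come from a standard (RFC 2409 group 1); everything else is illustrative."""
import hashlib
import secrets

# RFC 2409 section 6.1, "Second Oakley Group" predecessor: the 768-bit group 1.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF", 16)
G = 2
SAS_BITS = 20            # short authentication string: 5 hex digits to read aloud
SECRET_LEN = (P.bit_length() + 7) // 8


def dh_keypair(rng=None):
    """Ephemeral DH key pair. rng defaults to the OS CSPRNG."""
    rng = rng or secrets.SystemRandom()
    priv = rng.randrange(2, P - 1)
    return priv, pow(G, priv, P)


def shared_secret(priv, peer_pub):
    return pow(peer_pub, priv, P)


def sas(secret):
    """Hash of the session key, truncated to SAS_BITS, as the string a user
    would read over the phone (here 5 hex digits, e.g. '3a9f1')."""
    digest = hashlib.sha256(secret.to_bytes(SECRET_LEN, "big")).digest()
    value = int.from_bytes(digest[:4], "big") >> (32 - SAS_BITS)
    return format(value, "05x")


def honest_exchange(rng=None):
    """No attacker: both sides derive the same secret, so the SAS strings match."""
    rng = rng or secrets.SystemRandom()
    a_priv, a_pub = dh_keypair(rng)
    b_priv, b_pub = dh_keypair(rng)
    return sas(shared_secret(a_priv, b_pub)), sas(shared_secret(b_priv, a_pub))


def mitm_exchange(rng=None):
    """Mallory replaces the public value on both legs. Alice now shares a
    secret with Mallory, and so does Bob; the two honest SAS values differ
    (except with probability about 2**-SAS_BITS)."""
    rng = rng or secrets.SystemRandom()
    a_priv, a_pub = dh_keypair(rng)
    b_priv, b_pub = dh_keypair(rng)
    m_priv, m_pub = dh_keypair(rng)      # one attacker key is enough for the demo
    return {
        "alice": sas(shared_secret(a_priv, m_pub)),           # Alice thinks m_pub is Bob's
        "bob": sas(shared_secret(b_priv, m_pub)),             # Bob thinks m_pub is Alice's
        "mallory_alice_leg": sas(shared_secret(m_priv, a_pub)),
        "mallory_bob_leg": sas(shared_secret(m_priv, b_pub)),
    }


def voice_check(own_sas, heard_sas):
    """What each party does on the call: compare the screen with what was heard."""
    return own_sas == heard_sas


def mitm_accepted(impersonated_voice, rng=None):
    """True when the attacked call passes both parties' voice checks.

    Without impersonation Mallory can only relay audio, so Alice hears Bob
    read Bob's SAS and it mismatches hers. With impersonation Mallory speaks
    in each party's voice and reads the SAS of *her* leg to each side."""
    s = mitm_exchange(rng)
    heard_by_alice = s["mallory_alice_leg"] if impersonated_voice else s["bob"]
    heard_by_bob = s["mallory_bob_leg"] if impersonated_voice else s["alice"]
    return voice_check(s["alice"], heard_by_alice) and voice_check(s["bob"], heard_by_bob)


if __name__ == "__main__":
    print("honest exchange, SAS on each side:", honest_exchange())
    print("MITM, SAS on each side:", mitm_exchange())
    print("MITM caught by voice read-out:", not mitm_accepted(impersonated_voice=False))
    print("MITM caught when voice is impersonated:", not mitm_accepted(impersonated_voice=True))
```

The point of the last two lines is the one the thread ends on: the read-out detects key substitution, but only as long as the voice carrying the read-out is itself authentic. A referral to someone you have never heard, or a convincing impersonation through a vocoder, leaves nothing for the check to bind to, which is why the reply falls back on the PGP web of trust for the key itself.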