-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [John -- I've sent this to the cypherpunks list, and Bcc'd you.] On Mon, 25 Jun 2001, John wrote:
In various published keysigning protocols, I note that there doesn't seem to be any step in the process where we confirm that the person submitting a key to the ksig-party-admin is actually the owner of the key.
Actually, there is, at least in the protocol Phil and I worked out. (http://sion.quickie.net/keysigning.txt). I left this extremely vague. Step 8: "Identity verification is done in the normal manner." How identity verification is conducted is up to the signing organizers. And, of course, everyone should have a personal policy regarding key signing -- an individual CSP, so to speak. If, for instance, your policy requires that you view government-issued passports before signing keys, sign only those keys that belong to people who can produce government-issued passports. Others will not sign keys at all, believing that in doing so they would be making public information about themselves and their associations with other people that is best kept private. Not everyone participating in a group keysigning needs to have the same requirements for ID verification, and not everyone participating needs to actually sign others' keys. And there is the question of signing pseudonyms, of course. http://www.inet-one.com/cypherpunks/dir.1996.01.18-1996.01.24/msg00323.html PGP is a tool. A technical instrument. In specifying the keysigning method we developed, I opted to keep it removed from the politics and policy issues regarding keysigning. How you determine identity or if you even choose to sign keys was not interesting to me in that context.
If John Smith stands up and claims ownership of several keys, it certainly creates an appearance that all of them belong to the same person, and that each key's owner was present at the keysigning party.
So how would you prevent this? I can think of several easy ways, but I'll leave that as an exercise to the reader. You may wish to check the Cypherpunks mailing list archives for past discussions on PGP keysignings, and the issues/dangers involved. __ Len Sassaman Security Architect | Technology Consultant | "Let be be finale of seem." | http://sion.quickie.net | --Wallace Stevens -----BEGIN PGP SIGNATURE----- Comment: OpenPGP Encrypted Email Preferred. iD8DBQE7N4S+PYrxsgmsCmoRAnlJAKCjjSmTBvx3vW6RCHqiJ/OqwieCzACgylys yft/Jl2O4R55VFZC7HiesiM= =tKkZ -----END PGP SIGNATURE-----