I agree that RSA public keys could be exchanged as needed during the call, although this might require a few iterations before a party gets a signature that it can trust. Finding a path through the PGP "web of
To me at least this seems unimportant for the application. If all you're doing is exchanging session keys over the phone, it doesn't really matter if you are sure that the public key actually belongs to who it claims it does, only that the person you're talking to (who you presumably already know) actually possesses the corresponding private key. This can be verified with a simple challenge-response system. The identity problem is removed if you use a different key pair for phone conversations than you do for signature purposes... there doesn't need to be any information actually connecting the key with you.

-- 
Jonathan R. Guy                 | The opinions expressed above are not
E-Mail: guy@theporch.raider.net | those of my employer. Nor are
Snail: P.O. Box 158325          | they my own. Actually, I copied them
       Nashville, TN 37215      | from the encyclopedia.
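The challenge-response check mentioned in the message above, as an added example that is not part of the original post: the verifier sends a fresh nonce, and only the holder of the private key can return a value that checks against the public key. It assumes textbook RSA over small constructed keys (Mersenne primes, no padding) so that it runs with the standard library alone; all function and variable names are hypothetical, and a real deployment would use a vetted library with a padded signature scheme.

```python
import hashlib
import secrets

def make_key(p, q, e=65537):
    """Toy RSA key pair from two primes (constructed, far too small for real use)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return {"n": n, "e": e}, {"n": n, "d": pow(e, -1, phi)}

def _digest(nonce, n):
    # Hash the challenge and reduce it into the modulus range.
    return int.from_bytes(hashlib.sha256(nonce).digest(), "big") % n

def new_challenge():
    # Verifier side: a fresh random nonce per call, so an old response is useless.
    return secrets.token_bytes(16)

def respond(private, nonce):
    # Prover side: only the holder of d can compute this value.
    return pow(_digest(nonce, private["n"]), private["d"], private["n"])

def check(public, nonce, response):
    # Verifier side: needs only the public key it was handed, no identity binding.
    return pow(response, public["e"], public["n"]) == _digest(nonce, public["n"])

# Constructed keys built from Mersenne primes, for illustration only.
PHONE_PUB, PHONE_PRIV = make_key(2**61 - 1, 2**89 - 1)
OTHER_PUB, OTHER_PRIV = make_key(2**107 - 1, 2**127 - 1)

def demo():
    nonce = new_challenge()
    # Holder of the matching private key answers the challenge.
    good = check(PHONE_PUB, nonce, respond(PHONE_PRIV, nonce))
    # Someone holding a different private key cannot answer it.
    wrong_key = check(PHONE_PUB, nonce, respond(OTHER_PRIV, nonce))
    # A response recorded for an earlier nonce fails against a new challenge.
    replayed = check(PHONE_PUB, new_challenge(), respond(PHONE_PRIV, nonce))
    return good, wrong_key, replayed

if __name__ == "__main__":
    print(demo())
```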