In message Wed, 24 Jan 1996 00:32:37 -0800, shamrock@netcom.com (Lucky Green) writes:

How do they verify that the person confirming the fingerprint is indeed the person supposedly owning the key?

It is pretty hard, that is one of the reasons the web-o-trust is broken. You can make it better by requiring the person to actually use the key, which proves that he/she has the passphrase. At the last key signing at the DC-area cypherpunks meeting, I told everyone my name was Boris Badanov. Even tho the key's userid said pfarrell@netcom.com. Carl Ellison suggests that the signature should have a much weaker meaning, roughly: "The person owning the secret key associated with this public key's tag has characteristic X." Obviously X could be "claims to be Pat" Thus if Lucky gives me a key, I don't know what his/her real name is, and don't care. All I have to do is see them actually sign something I give him/her with the key. Of course we need to rule out man-in-the-middle attacks. For me, I would buy off on watching the signing on a standalone laptop while I watch from accross the room. Interesting atack: Assume there is a chain of keys, with Lucky feeding keys to Klaus inside the laptop. I'd be signing what I thought was Lucky's key, but it was really Klaus'. Of course "Lucky" would have to have the secret passphrase for both Lucky's and Klaus' keys. It isn't clear to me if this is an important case. Equally questionable are tricks such as using an IR or wireless transmitter to send my test data to another computer so that the chain of MITM can be longer. Pat Pat Farrell Grad Student http://www.isse.gmu.edu/students/pfarrell Info. Systems & Software Engineering, George Mason University, Fairfax, VA PGP key available on homepage #include <standard.disclaimer>