Nuts & Acorns
Tom Jennings
Tom.Jennings at f111.n125.z1.FIDONET.ORG
Tue Oct 6 15:11:44 PDT 1992
> To: Tom Jennings
tj>>
I am considering becoming and "introducer" for parts of FidoNet. I
can't seem to get past the problems of how to assign reliability to
public keys I receive over an unsecured email channel to begin with.
No other method is practical.
<<
>>??
Huh? I don't understand what you're pointing out. If I send you my
public key -- even if I cc: dockmaster -- what does it matter that the
NSA knows my public key (unoless they want to send me msgs, too)?
<<
Not my worry. What I meant was, how do I know htat the keyfile I
received from "John Smith @ net address" really is his, and not some
faker. Short of physically getting key disks from someone face to
face (flatly im-possible here), I don't know.
The assurance of course is the social system: if someone sends me a
message and keyfile, "here's my file, my name is Eric Hughes", and I
distribute it...
I can think of no way to prevent this, other than let a social system
detect and repair -- "HEY THATS NOT ME!!!" form the 'real' you would
raise a flag... and an audit trail at the introducers site
(dangerous...!) might help.
Anyhoo, that's what I meant.
--- RM version 0.-1 (watch out)
--
Tom Jennings - via FidoNet node 1:125/555
UUCP: ...!uunet!hoptoad!kumr!fidogate!111!Tom.Jennings
INTERNET: Tom.Jennings at f111.n125.z1.FIDONET.ORG
More information about the cypherpunks-legacy
mailing list