> > That higher level of confidence would be misplaced if I'd simply
> > mailed my key to all my old PGP signers, and they'd signed it.
>
> Sorry, I don't get this. Why is it a problem if one of my old signers signs
> my new key if I send it to them in a mail signed by my old key?
Lots of others have answered this, but in case you missed them:
How do you know whether their original key has been compromised? And
you are now blindly signing a key guaranteeing that you *KNOW* with
absolute certainty that this key belongs to them. But you don't know
this, actually: all that you know is that the key you have received
was signed by a key you once signed yourself.
Furthermore, let's imagine that their key was compromised. Ally
Attacker now has your friend's key, and generates a new key, sending
it around signed by the stolen key, asking for signatures on the key.
All of the original signatories now sign the key, and everyone will
believe that this new key belongs to your friend. But in fact, Ally
is in complete control, and no-one who's signed it is able to revoke
their signature without revoking their entire key, and even then, the
spread of information can be slow. Furthermore, your friend cannot
even revoke Ally's fake key, for your friend does not have the private
key to generate the required revokation certificate. And therefore,
your friend has some very serious problems.
Conclusion: NEVER, EVER sign a key without confirming, face-to-face,
or by telephone if you know them, that the key really does belong to
who it claims to.
Julian
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Julian Gilbey, Dept of Maths, QMW, Univ. of London. [EMAIL PROTECTED]
Debian GNU/Linux Developer, see http://www.debian.org/~jdg
