On Wed, 2007-04-11 at 00:00 +0200, Magnus Holmgren wrote: > On Tuesday 10 April 2007 23:51, Arthur Hagen wrote:
> > On Tue, 2007-04-10 at 23:27 +0200, Magnus Holmgren wrote:
> > > And even if you can't trust that I am me, you can still be confident
> > > that all
> > > messages signed with this key come from the same person.
> >
> > That's another (and common) fallacy. That's only the case if the holder
> > of the key can be trusted to keep the secret key confidential. When the
> > holder of the key can't be trusted to his identity, that can't be
> > trusted either.
>
> It is in his own interest to keep it secret, and to have a revocation
> certificate ready in case it's compromised.
You're begging the question. That's only the case if the user is who he
says he is. If he's a a black hat impersonator, it's not necessarily in
his own interest, which might be better served by sharing fake private
keys with other hackers.
The card house is no stronger than the weakest card, which in this case
is the inability for most recipients of the signed message to verify the
public key.