Hybrid keysigning party, your opinion?

Peter Lebbing peter at digitalbrains.com
Sun Dec 11 18:22:26 CET 2016


On 08/12/16 15:08, Lachlan Gunn wrote:
> Can't they get this from the other participants in the line?  Checking
> with a few people at random gives reasonable assurance that this is what
> was agreed on at the beginning, or they can check them all if they want
> to be certain.

Personally, I find checking a few other participants to be too weak an
assurance. I don't believe in security by numbers. If I'm dealing with
statistics, I want them to be on the order of "chance of one in 2^127".
You might recognise the chosen quantity :-). But everybody is free to
decide their own policy.

And checking at everyone would hold up the process; it's 64 hex digits
to verify!

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>



More information about the Gnupg-users mailing list