By Chris Quenelle on Feb 05, 2006
I've been reading about keysigning parties today, and trying to study about OpenPGP (which uses a so-called "web of trust" and S/MIME (which uses "certificate authorities"). S/MIME is simpler to use and it's top-down. You get an official company to vouch that your cryptographic key (your certificate actually) really belongs to someone with your name and email address. With OpenPGP, it's other OpenPGP users who vouch for you. Keysigning parties are where you get together in person with other PGP users and sign each other's certificates.
I'm looking at the issue from an identity point of view, and not from a security point of view. I haven't figured out why there's no mention of signing each other's certificates online. If I know someone via email and/or IM, when can't I run a little utility program on my computer that validates someone else using email or IM? The cryptographic theory is that the "Jim Smith" I know over email might not actually be named "Jim Smith" in his own warm and breathing flesh. (Like I care). So in theory, I have to meet them in person. Of course, meeting them in person doesn't guarantee they aren't D. B. Cooper with a fake ID. "But hey," (the crypto-wonks say) "it's a guarantee that your security hasn't been compromised by a man-in-the-middle attack."
The vast majority of us aren't important enough for anyone to scam us in that way. If you tell your buddy that you're going to be out of town over the weekend, and you use an unsecured IM channel to tell them that, then it's pretty unlikely someone is going to eavesdrop on you and use that information to rob your house. Unless you're Bill Gates.
So can someone explain it to me? Wouldn't OpenPGP be much more successful if you could trust people that you met online? After all, you're not vouching for their credit rating or anything, you're just verifying they are a "real" person who answers to some specific name and email address.