Efficient key signing at key signing parties

Ca. 318 ord.

I recently read the Sassaman-Zimmermann - Efficient Group Key Signing Method (S-Z). I must admit I was very disappointed.

One of the primary issues in key signing is that you do not sign someone's key unless you are 100% sure the person is who he claims to be. In S-Z this is done in step 8:

8. Identity verification is done according to the individual policy of those people signing keys.

If the verification involves looking at the persons passport then you can get a much more efficient key signing by the following:

  1. Everyone bring small pieces of paper (called key cards) with key information on his own key (including the key id, key owner, key fingerprint, key size, key type and where to download the key). A key card could look like this:
    Key ID 992A4B3F
    Key Owner V. Alex Brennen <vab@cryptnet.net>
    Key Fingerprint 0EC8 B0E3 052D FC4C 208F 76EB FA92 0973 992A 4B3F
    Key Size 1024
    Key Type DSA
    Download http://www.cryptnet.net/people/vab/
  2. Every signer goes to every signee, checks the passport and receive a key card. If you are n persons that are both signers and signees, you simply form one long line. Person 1 goes to person 2 exchange eachothers key cards and check eachothers passports, then 1 continues to 3 and 4 ... n. After person 1 has been at person 2, 2 goes to 3 does an exchange and continues to 4 ... n. 3 goes to 4 ... n, 4 goes to 5 ... n.
  3. When the signer returns home he processes every key card by downloading the key, signing it and either uploading it to a keyserver or emailing it to the key owner.

Sidst ændret Tue Feb 25 15:37:36 2003