hat tip to .gov hostmasters

bmanning at vacation.karoshi.com bmanning at vacation.karoshi.com
Mon Sep 22 16:27:25 UTC 2008


On Mon, Sep 22, 2008 at 12:14:53PM -0400, Keith Medcalf wrote:
> 
> > > If I cannot authenticate the data myself, then it is simply 
> > untrusted and untrustworthy -- exactly the same as it is now.
> 
> > so I guess PGP web of trust is right out, then?
> 
[elided]
> 
> If there is a piece of data X signed with a cryptographically generated signature, and *I* verify that indeed the signature is valid, then the signature is valid -- that is, I can say with 100% absolute certainty that specific bit of keying material was used to generate a signature on something and that I have another bit of keying material which validates that signature.  I am assured with very high certainty that THE DATA WAS SIGNED BY THE POSSESSOR OF THE SECRET KEYING MATERIAL.
> 
> Nothing more can be determined from the signature.
> 


	let me understand this ... your use of the pronoun "I" in these contexts
	is in reference to your corporal being i.e. meatspace and not a software
	application running on some computer.

--bill




More information about the NANOG mailing list