Drab as a fool, aloof as a bard

It is often assumed that key signing parties make certain attacks against cryptographic identities harder, but do people who participate in those parties really understand what those attacks are and why they are made harder? For instance, some groups require that government-issued ID is used, whereas others think this is unnecessary. Or if you check someone’s ID and they give you a keyslip with someone else’s email address on (but they can intercept emails to that person), then why bother encrypting the signature on that key when you send it to them? Alternatively, if they can’t read that person’s emails, then what is the danger in sending the message unencrypted? I don’t claim to have perfect answers for these questions, but I have been thinking about them and come up with some little scenarios which I find useful for comparing the relative strength of various systems. By presenting and discussing these scenarios below, then, I may at least provide a starting point for people to develop these ideas further.

Cryptography is hard to do right, and even if it is implemented correctly, the user is often required to perform some complicated operations to make use of it. One area of cryptography which involves a great deal of activity from the user is the signing of public keys used in public key cryptography. Not only does it usually require users actually meet each other and do some sort of identity verification, it then requires quite an involved process at the computer involving retrieving keys, checking signatures, and sending emails. To automate this as much as possible, I have come up with a little script which helps me perform some GPG and email operations quickly and simply, without, I hope, reducing my security.