Editing 364: Responsible Behavior

{{comic
| number    = 364
| date      = December 31, 2007
| title     = Responsible Behavior
| image     = responsible_behavior.png
| titletext = Never bring tequila to a key-signing party.
}}

==Explanation==
This [[:Category:New Year|New Year's comic]] could play out after [[Cueball]] has returned from a {{w|New Year's}} party the day before. (The next New Year's day comic in 2008 was also related to a big party: [[524: Party]]).

In order to send encrypted mail to people, you need to know their {{w|Public-key_cryptography|public key}}. You use this key to encrypt the email, and only they can read it (using their private key).  However, there is the problem of authentication: how do you know for certain that the key belongs to the person to whom you think it does?  It could be someone else masquerading as them, hoping for people to send them sensitive information.  They could decrypt and read your mail, and could even re-encrypt it using the genuine public key of the intended recipient, and then pass the message onto them, leaving both you and the recipient unaware of the interception. This is a type of {{w|Man-in-the-middle_attack|man-in-the-middle attack}}.

One solution for this is that people {{w|Keysigning|sign each other's keys}}. It works like this: say you want to send an email to {{w|Alice and Bob|Bob}}, but you've never met him. You find his key online (they are stored on certain servers, like cryptographic phone books), but how can you be sure that it's really his? Well, turns out that you have a mutual friend [[177:Alice and Bob|Alice]], and you have her public key and you know that it is hers. If Alice has signed Bob's key with her private key (which only she has access to), it means that she's certain that that really is Bob's key. So then you can be sure that Bob's key is genuine (since you have a common friend, Alice) and that your communications will be safe.

A {{w|Key_signing_party|key-signing party}} is simply a super-geeky party where people meet in real life so that they can be sure of people's identity, and then everyone signs everyone else's keys. It's a good way to expand the web of trust. The joke here is that he has no idea who this girl is and yet he still signed her key. This is dangerous, because he is vouching for her identity. If he is mistaken, this could result in a serious loss of credibility on his part. 

The humor lies in the juxtaposition of what you expect (that they had sex) and what is the case (they signed each other's keys, also known as geek-sex).

The title text appears to be a reference to the "key parties" of swingers in the 1970s, where all members of one sex would throw their keys in a bowl, and all of the other sex would draw them out, thus being paired off to sleep with the key owners.

==Transcript==
:[Cueball on the phone.]
:Voice: Hey, I just got home from the party
:Cueball: The one with the IRC folks?
:Voice: Yeah.
:Cueball: How was it?
:Voice: Got too drunk. I screwed up, bad.
:Cueball: What happened?
:Voice: There was a girl. No idea who she was. Don't even know her name. I was too drunk to care.
:Cueball: And what, you slept with her?
:Voice: No.
:Voice: I signed her public key.
:Cueball: Shit, man.

{{comic discussion}}

[[Category:New Year]]
[[Category:Comics featuring Cueball]]
[[Category:Computer security]]
[[Category:Cryptography]]