[Tomte]

Now your collection of business cards is susceptible to tampering (no cryptographic authentication!).

Do you never leave your collected business cards unattended at a conference or trade fair? Possible, if you put them into your shirt pocket.

Do you store them in a vault lomg-term? Probably not.

Is it impossible to impersonate you, either with a human sound-alike or by voice generation software?

If you want perfect security against everyone, it quickly spirals out of control. You should probably remove the wallpapers in your house regularly and inspect what's underneath. ;-)

I'm not entirely serious here, but I'm surprised at the optimism about what the individual can possibly achieve.

[jimktrains2]

I was imply it was a person-to-person handing of a business card and that if it wasn't then it could be handled via the phone (which you would need from something other than the business card). But, yes, I didn't explain that as well as I could have.

[frabbit]

"Now your collection of business cards is susceptible to tampering (no cryptographic authentication!)."

You are missing the part where it was suggested that the recipient of the business card telephones you and asks to verify the fingerprint.

[frabbit]

In response to Tomte's criticism, this all boils down to the certification level http://tanguy.ortolo.eu/blog/article9/pgp-signature-infos 1) A fingerprint on a possibly compromised business card == 0 2) A fingerprint verified by phoning someone == 1 etc, And associated with that independently is of course the level of trust.

Sorry Tomte for not replying immediately to your message, but I've posted too much on this apparently.

[Tomte]

You are missing both the "or" in his sentence (i.e. he describes alternatives, not cumulative measures) and my retort to the verification by phone.