摘要 |
A method for verifying the identity of a communication partner, in particular in real-time communications, wherein a caller (A) sends a message towards a callee (B), and wherein the caller (A) attaches a self-signed certificate to the message, characterized in that the caller (A) and the callee (B) are part of a web-of-trust, wherein certificates of users within the web-of-trust are stored by one or more key-servers (3), wherein trust relationships between users within the web-of-trust are employed to compute a trust-chain between the caller (A) and the callee (B) based upon the certificate attached to the message and upon the callee's certificate, and wherein the further processing of the message received by the callee (B) is based on the length of the derived trust-chain. Furthermore, a corresponding system is described. |