Re: PGP signatures.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2008-05-29 at 10:38 +0930, Tim wrote:
> On Wed, 2008-05-28 at 17:49 +0100, Anne Wilson wrote:
> > It is important, though, to maintain the web-of-trust.  It does have
> > legal implications, and that's why local signing is an option.  I use
> > encryption for correspondence with one person, and for that I have to
> > use ultimate trust, yet I've never met him.
> 
> I don't recall being required to "ultimately trust" someone to send them
> encrypted mail.  I'd call that a foolhardy thing, too.  It'd be better
> to set your mailer to trust people on your keyring - that affects what
> you do with the keys, rather than inappropriately bodging the keys,
> themselves.

Slightly OT, but what the hell: we should realize that trusting keys
isn't the same as trusting people. Trust as applied to PGP/GPG keys
means "I believe this key belongs to this person (e.g. because the
person physically gave me the public key and demonstrated that he could
sign things with the corresponding private one)". It does *not* mean "I
trust this person not to lie to me or do evil with the information I
send him". It's unfortunate that the web-of-trust notion has taken on a
semantic overlay that doesn't fit, due in large part to the unfortunate
choice of terminology.

poc

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux