On 9/6/13 5:09 PM, Ted Lemon wrote: > This is what I mean by "a high bar." Signing someone's PGP key > should mean "I know this person as X," not "this person is X." I have no idea what "should" means in this context. It seems to me, from looking at this discussion (as well as from other discussions around this topic) that different people have different trust models in mind with quite possibly no two alike. I guess part of the question here is whether not PGP key signatures entail the signer being willing to vouch that the key holder is who they say they are. I'm not sure why "I know this person as <X>" provides much more reliability than someone asserting their own identity. Melinda