Re: pgp signing in van

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 9/6/2013 11:04 PM, Ted Lemon wrote:
On Sep 6, 2013, at 10:35 PM, Melinda Shore <melinda.shore@xxxxxxxxx> wrote:
I actually don't think that pgp is likely to be particularly
useful as a "serious" trust mechanism, mostly because of
issues like this.

It's not at all clear to me that "serious" trust mechanisms should be digital at all.   Be that as it may, we have an existence proof that a web of trust is useful�Facebook, G+ and LinkedIn all operate on a web of trust model, and it works well, and, privacy issues aside, adds a lot of value.   IETF uses an informal web of trust, and it works well.   Most open source projects use informal webs of trust, and they work well.   PGP signing for software distribution works well.


I think there is a "webs of trust" tendency to believe the negative or the worst isn't going to happen, well, to you, until its does or at least rears its head. There are many forms. Its a different set of mentalities with victims. Including the worth of dealing with it when its local vs wide spread.

The question is, can we cover the protection of them all, communications wise, with protocols, guidelines and tools?

What these mechanisms are not is a web of trust that you could use to authenticate a real estate transaction.   You shouldn't accept them as signatures on legal contracts.   You shouldn't use them to transfer large sums of money to strangers.   But they are definitely useful.


I think the best IETF can do is to make it available for consideration, and of course, use good engineering, and ethical, common sense.

We have conflictive goals among many in the market place, which is now global, and its even within market and technology leaders. The IETF deals with communications and that should include with the end users as well. Who are the IETF customers?

--
HLS






[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]