Paul Wouters wrote:

> Actually, most people I know never use the WoT. They only use keys
> obtained directly from the person they want to exchange encrypted email
> with.

this is not my experience

it will be a long time before i trust a dane/dnssec identity binding over pgp's.

At Mon, 21 Sep 2015 16:24:10 -0700, Bill Manning wrote:

> I think Paul nails it, at least for the more aware folks around.
> Using the WoT to gauge anything other than confidence in choice of
> friends/associates is asking for trouble.

i think bill nails it. trust in identity is what it is about for me. i am communicating with a person, not a dns or smtp server; the latter are agents, and ones which have failed repeatedly over the decades.

using one hierarchy to reinforce the weaknesses of another may increase reliability (or fragility), which is good. it does not increase trust in identity.

At Mon, 21 Sep 2015 18:58:43 -0500, Scott Kitterman wrote:

> Personally, I've known people for years online, but would never sign
> someone's key without meeting them in person.

bingo! and seeing a high level out of band assertion of identity such as a passport.

At Tue, 22 Sep 2015 08:59:25 +0200, Harald Tveit Alvestrand wrote:

> it's been obvious to me since the 90s that the hierarchical models of
> trust (CAs, corp signing authorities) are simply restricted webs of
> trust. So the WoT model is a more general one than the hierarchical one:
> you can represent hierarchy as a WoT (the user trusts the root keys,
> trust flows from there), but not vice versa.

bingo!

> I've been saddened by the crippled state of WoT-manipulating user
> interfaces since roughly forever.

but x.509 and dns end user tools are sooo much better :)

> I believe the Web of Trust has a great potential as a basis on which to
> represent many different trust policies. But the current state of tools
> to interrogate and update a trustdb according to those policies is
> simply not fit for the task.
the state of tools for the entire trust and identity ecosystem sucks. and we are spending our time mucking below the waterline. to a dns/dane hammer, everything looks like a nail. a solution looking for a problem.

At Tue, 22 Sep 2015 13:55:22 -0400, Phillip Hallam-Baker wrote:

> A few months back I realized that I had the criteria wrong. It is even
> tougher than 'do no harm'. To get people using strong crypto you have
> to do better than not making things any worse. You have to make life
> easier for the user.

'cept we're not doing that. while i am still digging through your latest, at least you're talking about some parts of the elephant that i perceive.

At Tue, 22 Sep 2015 11:11:11 -0400 (EDT), Paul Wouters wrote:

> With DNS, you can remove the key from DNS without needing the private
> key or passphrase to it.

is this a feature or a bug? good discussion in acme about having the credentials to add/change/delete.

in current pgp, if you think you may ever want to revoke, gen a revocation credential. in all these worlds, you need credentials to change or negate; to do otherwise is a big vulnerability.

randy
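The revocation point in the last paragraph, as an added example that is not part of the thread or of any poster's own tooling: a POSIX shell script that generates a throwaway OpenPGP key in a temporary keyring, then uses the revocation certificate GnuPG writes alongside it to negate the key. It assumes GnuPG 2.1 or later is installed (that is the version that writes the certificate to openpgp-revocs.d at key-creation time); the user id and the keyring location are constructed for the demo.

```shell
#!/bin/sh
# Added example (not from the thread): shows that an OpenPGP key is negated only by
# whoever holds the revocation credential, which is why the certificate should be
# generated at key-creation time and kept offline.
# Assumes GnuPG 2.1+, which saves a standalone revocation certificate to
# $GNUPGHOME/openpgp-revocs.d/<FINGERPRINT>.rev when a key is generated.
set -e

# Create a throwaway keyring and key, import the pre-generated revocation
# certificate, and print the key validity field before and after.
# Returns 0 only if the key ends up in state "r" (revoked).
pgp_revocation_demo() {
  GNUPGHOME=$(mktemp -d)
  export GNUPGHOME
  chmod 700 "$GNUPGHOME"

  # Constructed test identity; empty passphrase so the script runs unattended.
  gpg --batch --pinentry-mode loopback --passphrase '' \
      --quick-gen-key 'WoT Demo <wot-demo@example.invalid>' default default never \
      >/dev/null 2>&1

  fpr=$(gpg --batch --list-keys --with-colons | awk -F: '$1=="fpr"{print $10; exit}')
  before=$(gpg --batch --list-keys --with-colons | awk -F: '$1=="pub"{print $2; exit}')

  # GnuPG ships the .rev file with a ':' in front of the armor header so it cannot
  # be imported by accident; removing it is the deliberate act of using the credential.
  sed 's/^://' "$GNUPGHOME/openpgp-revocs.d/$fpr.rev" | gpg --batch --import >/dev/null 2>&1

  after=$(gpg --batch --list-keys --with-colons | awk -F: '$1=="pub"{print $2; exit}')
  echo "validity before import: $before, after import: $after"

  gpgconf --kill gpg-agent >/dev/null 2>&1 || true
  rm -rf "$GNUPGHOME"
  [ "$after" = "r" ]
}
```

The before value is "u" (ultimately trusted, because the key was generated locally) and the after value is "r": trust settings do not matter once the revocation has been imported, and nothing short of holding that certificate (or the private key) could have produced it, which is the asymmetry the post contrasts with removing a record from DNS.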