[Cryptography] Dark Mail Alliance specs?
Bill Frantz
frantz at pwpconsult.com
Sun Nov 24 01:56:42 EST 2013
On 11/23/13 at 3:44 AM, iang at iang.org (ianG) wrote:
>Yes. This gets into the fallacy of signing -- what is the
>statement being signed? For PGP it is "I met this person,
>maybe." For the CAs, it is "the person had some identity docs, maybe."
The one time I used the web of trust for a PGP key it was for my
own key. (I usually get a fingerprint directly from a person.)
I needed to send some confidential information from work to
home. I didn't have my key fingerprint with me, or my key. I
downloaded my key from a key server. It was signed by Carl
Ellison, who I trusted to not have signed any other "Bill
Frantz" key. I had Carl's business card with his key
fingerprint, so I was able to complete the trust chain. QED.
Cheers - Bill
-----------------------------------------------------------------------
Bill Frantz | Since the IBM Selectric, keyboards have gotten
408-356-8506 | steadily worse. Now we have touchscreen keyboards.
www.pwpconsult.com | Can we make something even worse?
More information about the cryptography
mailing list