[Cryptography] OpenPGP and trust

[Peter Gutmann]

Ralf Senderek <crypto at senderek.ie> writes:

>You can easily solve this problem by obtaining a certificate that verifies in
>almost all browsers for a few bucks per year, 

And the neat thing is that any bad guy can buy a cert from the same CA you
bought your one from (or any other commercial CA of their choice), set up a
dummy server, and all your friends will connect thinking it's the real thing.
The false sense of security created by the cert will make things much easier
for them.

Peter.