Note: Due to technical difficulties, the Archives are currently not up to date.
GMANE provides an alternative service for most mailing lists. c.f. bug 424647
Matthias Bethke wrote:
> As far as I can see, the PGP Global Directory does no verification apart
> from checking that an email address exists, so its signature isn't worth
> much for the WoT. The GSWoT signatures on the other hand mean the owner
> of the key has been personally checked by an introducer. It's a matter
> of taste but I usually don't sign role account keys, I think they should
> be signed by members of the institution (the introducers in this case)
> whom I can choose to trust because their identity can be verified. So as
> I wanted to trust the GSWoT key, I just imported some intermediate keys
> to build a couple of marginal trust paths via people I've met
> personally.
http://xkcd.com/364/
--
Randy Barlow
http://electronsweatshop.com
--
gentoo-security@g.o mailing list
|
|
