Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: Randy Barlow <randy@...>
Subject: Re: gpg keys; GSWoT & PGP Global Directory Key
Date: Tue, 01 Apr 2008 11:54:22 -0400
Matthias Bethke wrote:
> As far as I can see, the PGP Global Directory does no verification apart
> from checking that an email address exists, so its signature isn't worth
> much for the WoT. The GSWoT signatures on the other hand mean the owner
> of the key has been personally checked by an introducer. It's a matter
> of taste but I usually don't sign role account keys, I think they should
> be signed by members of the institution (the introducers in this case)
> whom I can choose to trust because their identity can be verified. So as
> I wanted to trust the GSWoT key, I just imported some intermediate keys
> to build a couple of marginal trust paths via people I've met
> personally.

http://xkcd.com/364/

-- 
Randy Barlow
http://electronsweatshop.com
-- 
gentoo-security@g.o mailing list


Replies:
Re: gpg keys; GSWoT & PGP Global Directory Key
-- Eric Martin
References:
gpg keys; GSWoT & PGP Global Directory Key
-- Eric Martin
Re: gpg keys; GSWoT & PGP Global Directory Key
-- Matthias Bethke
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: gpg keys; GSWoT & PGP Global Directory Key
Next by thread:
Re: gpg keys; GSWoT & PGP Global Directory Key
Previous by date:
Re: gpg keys; GSWoT & PGP Global Directory Key
Next by date:
Re: gpg keys; GSWoT & PGP Global Directory Key


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.