Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: Matthias Bethke <matthias@...>
Subject: Re: gpg keys; GSWoT & PGP Global Directory Key
Date: Tue, 1 Apr 2008 17:42:26 +0200
Hi Eric,
on Fri, Mar 28, 2008 at 03:13:43PM -0400, you wrote:
> I'm seeing a bunch of keys in my keyring with GSWoT(1) and PGP Global
> Directory(2) signatures on them.  Obviously both websites encourage you
> to download their keys and trust them.  While I realize what keys you
> trust is totally up to you, I'm wondering what fellow people do.  My
> idea was to /maybe/ add them in as moderates that way they don't run my
> keyring for me, but still vouch for people where necessary.

As far as I can see, the PGP Global Directory does no verification apart
from checking that an email address exists, so its signature isn't worth
much for the WoT. The GSWoT signatures on the other hand mean the owner
of the key has been personally checked by an introducer. It's a matter
of taste but I usually don't sign role account keys, I think they should
be signed by members of the institution (the introducers in this case)
whom I can choose to trust because their identity can be verified. So as
I wanted to trust the GSWoT key, I just imported some intermediate keys
to build a couple of marginal trust paths via people I've met
personally.

cheers,
	Matthias
-- 
I prefer encrypted and signed messages. KeyID: FAC37665
Fingerprint: 8C16 3F0A A6FC DF0D 19B0  8DEF 48D9 1700 FAC3 7665
Attachment:
pgp50X4yoQN11.pgp (PGP signature)
Replies:
Re: gpg keys; GSWoT & PGP Global Directory Key
-- Eric Martin
Re: gpg keys; GSWoT & PGP Global Directory Key
-- Randy Barlow
References:
gpg keys; GSWoT & PGP Global Directory Key
-- Eric Martin
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
gpg keys; GSWoT & PGP Global Directory Key
Next by thread:
Re: gpg keys; GSWoT & PGP Global Directory Key
Previous by date:
AUTO: Janek Lünstedt ist außer Haus (Rückkehr am 14.04.2008)
Next by date:
Re: gpg keys; GSWoT & PGP Global Directory Key


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.