PGP signatures.
Anne Wilson
cannewilson at googlemail.com
Thu May 29 08:34:07 UTC 2008
On Thursday 29 May 2008 02:08, Tim wrote:
> On Wed, 2008-05-28 at 17:49 +0100, Anne Wilson wrote:
> > It is important, though, to maintain the web-of-trust. It does have
> > legal implications, and that's why local signing is an option. I use
> > encryption for correspondence with one person, and for that I have to
> > use ultimate trust, yet I've never met him.
>
> I don't recall being required to "ultimately trust" someone to send them
> encrypted mail. I'd call that a foolhardy thing, too. It'd be better
> to set your mailer to trust people on your keyring - that affects what
> you do with the keys, rather than inappropriately bodging the keys,
> themselves.
>
Since it is a local setting it has no security implications for anyone else.
Local signing is designed to cope with situations like this.
Anne
More information about the fedora-list
mailing list