[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: mailing list pgp signatures...

Hash: SHA1

On 07/13/09 13:03, quoth Rick Sewill:

> Steve, when I click on your signature, I can extract your public DSA
> public key, F0BE3724, see that it is verified, because you registered it
> with the pgp servers (Thank you for registering!), but untrusted by me,
> and if I wish to take further steps, I could trust what you sign.

> This is a good example where we could build a trust relationship if we
> took further steps.

Exactly. Don't you just love the English language with all of its ambiguities?
 We smell, which can imply that we are receptors of quantum bad smelling
particles called fartons, or we can be emitters of said particles. Context
counts. In the wild and wooly world of PGP, Trust is not about whether I trust
you with my money. Trust is only about whether I trust that your key actually
belongs to you. If you're not in the vicinity of Framingham MA then it's not
likely that we will be able to show each other two pieces of government issued
picture ID, but if you know someone who is in the area and have mutually
signed each others' keys then he and I could sign keys and then you could
update your copy of my public key and see that I trust him and you trust him
so you can trust me.

- --
Time flies like the wind. Fruit flies like a banana. Stranger things have  .0.
happened but none stranger than this. Does your driver's license say Organ ..0
Donor?Black holes are where God divided by zero. Listen to me! We are all- 000
individuals! What if this weren't a hypothetical question?
steveo at syslang.net
Version: GnuPG v2.0.10 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]