Web of Trust (a revolution)
Anne Wilson
annew at kde.org
Tue Mar 31 14:01:42 UTC 2009
On Tuesday 31 March 2009 13:16:42 Tim wrote:
> On Tue, 2009-03-31 at 12:27 +0100, Bill Crawford wrote:
> > Ought to be possible for people to visit companies' offices and sign
> > their keys, and add them to the "web of trust" as per PGP / GPG keys.
> > No idea if / how that should be done, in practice, though.
>
> Actually, I'd like to be able to do something like with banking (go into
> the branch, and physically confirm keys used for banking). For the one
> or two people that I've used encrypted mail with, I exchanged keys in
> person.
>
Bear in mind that the Public Key is intended to be just that - public. It is
useless to anyone else as only you have the Private Key that forms the pair,
so there is no problem at all about the public key being accessible. It can
*only* be used to compare against your signature. It cannot be used in any
attempt to pretend to be you.
Anne
--
New to KDE4? - get help from http://userbase.kde.org
Just found a cool new feature? Add it to UserBase
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20090331/951bd487/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20090331/951bd487/attachment-0001.sig>
More information about the fedora-list
mailing list