-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 13/05/12 15:05, Jon Dowland wrote:
> On Sun, May 13, 2012 at 03:02:02PM +0100, Phil Dobbin wrote: >> If that was the strategy everybody adopted with PGP, there'd be >> very few, if any, keys signed, ever. > > This *is* the strategy that most people use for PGP. > >> Thanks for the advice but I think I'll pass. > > You are entitled to maintain whatever local policy for signing you > want: but, it weakens your position in a web of trust if your > signatures are 'weaker' than other peoples. It means any trust path > that flows through a signature of yours is suspect. > > GPG lets you choose a 'trust level' for keys. I'd suggest at least > using a low-level value for keys you haven't validated. In the case in question I used "I will not answer" & "I don't know" as I do with virtually all the very few keys I sign via a mailing list. As somebody else posted on this subject some time ago (maybe a week ago; this thread has been limping on for a long time) it helps one identify participants on the list whose views seem to lucid, practical & knowledgeable. I've found it unfortunate that after returning to this list after several years away, I've actually had to send several poster's addresses to /dev/null because of their rudeness & downright bad manners. So any tool to identify genuinely helpful Debian users who use these lists in a responsible manner is most welcome. Cheers, Phil... - -- currently (ab)using Debian Squeeze, Fedora Verne, OS X Snow Leopard, Ubuntu Oneiric -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJPr8gwAAoJECPmYW6gk8JjWhAH/iT19Ggx09w9puciVunNaECS wr9bMe8HaDxcXPsiooRLyEwPf6vaEU7+7efGnEpdb3C+IhUG5QsoUCiwjwQPN4Mt HIcaERaVDP2rt0uaY3626+A3O1UaDnBZJ1+bDScHWw6q35MxXrFbhB7WqU8UmEj6 MJ06k2yIc+1vjJ7sAMR2Gk3horiPWoLkl16eAQkF+TlzSbeNCFxHpeZnXg4Ngydu 6qJNDvFrXq3obLZinLkb9cBqQc9eSgjjB39MljMn+PAYXcE5UHWn70DFzR72zeS0 wOMcgWUCYlbhA9FQHmFVAKC2UcHJjXMkQs/Ey7u2ytetPyaox+foGEmpBm8l+Z4= =i6cU -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
