On Sat, 2015-05-09 at 19:11 +0200, Ralf Mardorf wrote: > On Sat, 09 May 2015 17:36:17 +0100, Pete Biggs wrote: > > I totally understand what you are saying. > > And I absolutely agree with your argument. However, a web of trust > has > got it's weak points too. > > I "automatically" trust the key package of the distro I'm using, when > there's a release of new keys for signing packages, because the > chain of > trusted keys at least is halfway comprehensible. But automatically > accepting each key needed to check the signature of an email is > risky. > A user should care about the keys and be aware about the accepted > keys. A mouse click isn't much work. > _______________________________________________ > evolution-list mailing list > evolution-list@gnome.org > To change your list options or unsubscribe, visit ... > https://mail.gnome.org/mailman/listinfo/evolution-list
Excellent points! I don't mind the auto downloading with the exception of not blindingly setting the trust value. That way I can manually validate and set the trust. JM
signature.asc
Description: This is a digitally signed message part
_______________________________________________ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list
