>-----Original Message----- >From: Marvin Humphrey [mailto:[email protected]] >Sent: Friday, October 05, 2012 8:54 PM >To: [email protected] >Subject: Re: key signing > >On Fri, Oct 5, 2012 at 8:55 AM, Jukka Zitting <[email protected]> wrote: >> It's good to recommend people to get their keys signed by someone in >> the Apache web of trust and I think we could do more in that area, > >Maybe if we didn't insist on face-to-face meetings we'd get better adoption >rates. > >Apache dev docs: > > http://www.apache.org/dev/openpgp.html#wot-link-in > > How To Link Into A Public Web Of Trust > > In short, expect that: > > * this will involve a face-to-face meeting > >GnuPG docs: > > http://www.gnupg.org/gph/en/manual.html#AEN84 > > A key's fingerprint is verified with the key's owner. This may be done in > person or over the phone or through any other means as long as you can > guarantee that you are communicating with the key's true owner.
+1. I think with technologies like Skype & Google Hangout, we can get the same level of assurance of a person's identity as a physical key signing party. What if we held a regular Google Hangout Key Signing party? We can always ask participants to show IDs :) > >Marvin Humphrey > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [email protected] >For additional commands, e-mail: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
