On Wed, Oct 10, 2012 at 3:20 PM, Ted Dunning <[email protected]> wrote:
> > I have friends who live far away. I know them well. I don't know their > key fingerprint. > > If we send emails or if we text back and forth I not clear that it is > them. If I have a video conference and the hold up the fingerprint I know > it is them. This is not an applicable user story for Apache, though. We're not all long distance pen palls who used to know each other in real life. As Shane points out, the important thing is that we can establish email and key ownership. I still contend that actually being able to say the person who controls this email and this key happens to have some ID proving their IRL identity. Perhaps that is not important for Apache. But for the WoT in general, it certainly seems to be the case. -- NS
