-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 David Shaw wrote: > On Sat, Nov 05, 2005 at 12:30:46PM +0100, Thomas Kuehne wrote: > <snip> > >>How should 4) be dealt with? >> >>As far as I am aware the is no negative signature or any other way to >>mark those keys - except for local trust settings. > > > That is correct. It really has to be this way, for good and for bad. > Trust is inherently subjective - even the 1-2-3 trust levels are just > guidelines and there is no way to enforce them beyond asking people > nicely not to abuse the system. > > Of course, it would be possible to propose a different trust model > that takes into account such things (a reputation system), but that > would be a reasonably different beast than the current system. Not > impossible, but it would take some working out of details. OpenPGP > currently has no way to make a "negative" signature. >
If it did, there would be a corresponding "Web of Antitrust". - -- Alphax | /"\ Encrypted Email Preferred | \ / ASCII Ribbon Campaign OpenPGP key ID: 0xF874C613 | X Against HTML email & vCards http://tinyurl.com/cc9up | / \ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iQEVAwUBQ2zEJ7MAAH8MeUlWAQhmzQgAooOGpX2p31Bgoc8F4egWzFgHCS2pWO+z Bsl8YgnGdjzT7Q0GVOsP55LjPPKRSBh1+yIDrWYIqWyuLp1a74ZQTw5u8NDDtPj9 NhHSwa6kB+sQksaT3U5I4AZL7uygh79CI7AtGj/TOafoal+IKYXzVmA/DPGCVMkJ ovhv1NzfXnyRR6UGmviBrket9gaWNOST65o75NrCQww2UelH31xNPweLXclRxWkf aLs8wuNzO375MrtQkRtIFv0CDSysd4HMgByXC/p1QZdiv6o0rqKOq0heCTSPIr1Q qMqfQY9y4aWHiifHvJeYllo04V8/b7yULSj6U8h2TUpjf9gZqmNuUQ== =pM1Y -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
