On Feb 28, 2010, at 8:09 PM, Robert J. Hansen wrote:

>> You can certainly tell a lot about someone by the signatures on their key.  
>> Either directly from the signature or because those signatures point to 
>> other keys that have their own signatures, etc.  With your permission, may I 
>> see what I can find from the signatures on your key D6B98E10?
> 
> Go for it.  It's public data.  Assuming there's nothing intensely personal in 
> there, I'll pass the results on to the list.
> 
> My point regarding the signatures don't tell you much -- if anything -- is 
> there is no guarantee that a signer has had any contact with the key holder.  
> It's foolish to make conclusions about someone's social network based on 
> their key material.  If I have a signature from a person, it is not a 
> statement that I know that person, that I approve of that person, or that I 
> would ever associate with that person.

Understood, and I agree it makes no such statement.  However, it does make a 
reasonably good statement that you were physically located near that person at 
a certain point in time, roughly what that time was, and roughly where 
(geographically) it happened.

Better than that, though, signatures point to other keys.  And self-signatures 
are signatures, too.

I'll send you some stuff.

David


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to