On 2/28/11 9:12 AM, David Shaw wrote: > In this particular case, though, key signatures aren't even necessary > - RM just needs to prove that he is the same entity that signed the > other messages to the list. That is, he's "real" in the sense that > he is the Martin that the list knows and has been conversing with.
That depends a lot on what those prior conversations are. If I've built up trust in RM because I think he's been up-front and candid, and FM comes along and presents a credible threat to RM's identity, then yes, I have to revisit my trust decision in RM: I can no longer be confident he's been up-front and candid. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
