-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 NotDashEscaped: You need GnuPG to verify this message
Hi On Thursday 24 April 2014 at 11:19:12 PM, in <mid:53598de0.2060...@gmail.com>, Gabriel Niebler wrote: > Peter Lebbing has thankfully pointed out that, out of > my two suggestions, "authenticity" is the word that > should be preferred. I agree with him on this, so I > shall use that word here. I don't personally like "authenticity" or "authentic" here but no sensible alternative suggestion comes to mind. "Authenticated" would better fit my understanding. >> GnuPG *can* inspect the signatures present on a key to >> determine validity. > Yes, but only if the user has already begun to build > their WoT. The presence of my local signature on a key allows GnuPG to determine validity, but could not be said to indicate I have started to build a WoT. > So as it is now, a new user finds they must (basically > always) establish a keys "validity" themselves, when > the expectation is that GnuPG should know whether a > given key is "valid". OK. The key is "valid" because it is not expired or revoked. If it bears no WoT signatures (and no exportable signatures from any of my keys), it seems wrong to say it is "authenticated." If it is only accepted by GnuPG due to my local signature, maybe a better word is "activated." > In normal life, it is "authenticity", not "validity" > that is established by signatures. In my experience it is commonplace for signatures to indicate either, depending on context. You sign a statement to the Police to indicate its authenticity. You sign a bank card to confer validity. (At least where I come from, above the signature strip on most bank cards it still says "not valid unless signed.") -- Best regards MFPA mailto:2014-667rhzu3dc-lists-gro...@riseup.net Of course it's a good idea - it's mine! -----BEGIN PGP SIGNATURE----- iPQEAQEKAF4FAlNZqyxXFIAAAAAALgAgaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl bnBncC5maWZ0aGhvcnNlbWFuLm5ldEJBMjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0 N0VDQTAzAAoJEKipC46tDG5pXJkD/RCAH3/onr0XYVwglfgpyEdV6P19CqdjqfFJ iGNhFyBCpDXSl1XbBwTO8GcXmGnoCJsFw0TW9uyevGnOSkNFN4zvPvQSKwkM6mGV gnCnjSuIrPVQvyLtRzKq4qromAR+zpc/bPsVrH1VWBgXT5irZS4HR0CxluGR0/9q 5Dz3YfR2 =x+Jj -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
