On 02/05/14 15:57, MFPA wrote: > That is good. There are an awful lot of certifications out there from > keys for which there is no published certification policy. All of > these are essentially meaningless noise: unless we know what the > signer is claiming, how do we know what do do with their claim?
I don't quite understand. If I know someone, I can talk with them about how they verify ownership before they sign. Then I can judge whether I agree and assign ownertrust accordingly. If I don't know them, I wouldn't assign ownertrust even if their policy came with sparkles, glitter and a free magazine subscription. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter> _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
