Am 15.02.2015 um 12:26 schrieb Ludwig Hügelschäfer:
> On 14.02.15 23:05, Stephan Beck wrote:
>
>> Well, it's rather a precautionary measure than an actual security
>> measure, , reminding me of not trusting the key owner's ability to
>> handle and verify signatures correctly, if he/she uses a signature
>> no one has the chance to check because the information about the
>> public key's location isn't indicated by its owner in his/her very
>> message. I assigned the "I do not trust him" attribute to the first
>> key he used in a previous message.
>
> You seem to have misunderstood what ownertrust is good for. Trusting
> an owner about placing his signatures is not about how she/he signs
> messages.
>
> It is about how carefully she/he checks identity and mail address
> before signing other keys. You can only judge that if you have seen
> her/him in real life doing that.


OK, I give you that, strictly speaking, it might not be the same, but at the
moment I had no other measure at hand to remind me of being careful with that
kind of event. And a bad signature event is not the ideal event for putting
trust in a key owner's identity at all.

Stephan

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to