On Wednesday 07 September 2016 22:20:42 Christopher Beck wrote: > Hi, > > just a (maybe) stupid question: the matching key to my recipient can be > fetched by keyservers and i determine the korrect key of all of the > (sometimes "wrong" keys") by vaidating the signatures according to the WoT. > So, what's the benefit of this new key service? It sounds much more > complicated (and un- trusworthy) than just using the WoT.
The WoT won't help you if the key isn't part of the WoT. That's the whole point of the new tofu trust model and the EasyGPG project. This new key service complements the tofu trust model in that it (kind of) guarantees that the email address/user id on the key is legitimate (provided the provider of the key service is trustworthy). Regards, Ingo
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
