Am 31.05.2017 um 01:22 schrieb Damien Goutte-Gattat:
Hi,
On 05/30/2017 09:25 PM, Stefan Claas wrote:
The classical procedure would be to sign a key with a sig3 after seeing
the persons id-card in a real meeting. But who guarantees that the
id-card is not fake (if the person is a complete stranger)?
Well, no one. You rely on the ability of the signer to distinguish
between a real ID-card and a fake ID-card. Of course, not everyone can
spot a well-crafted fake ID (I certainly cannot).
I cannot either, and that's why i like the mentioned german Governikus
CA. To obtain a sig3 from them it requires
that you authenticate online with you id-card, an id-card reader and the
german AusweisApp2 software.
Regards
Stefan
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
