On Mon, 12 Sep 2011 22:31:59 +0200, Måns Nilsson said: > Since you are from Sweden, and in an IT job, you probably have personal > relations to someone who has personal relations to one of the swedes > or other nationalities that were present at the key ceremonies for the > root. Once you've established that the signatures on the root KSK are good > (which -- because of the above -- should be doable OOB quite easily for > you) you can start validating the entire chain of trust. > > Quite trivial, in fact.
I'll note that the PGP "strongly connected set" has grown all the way to 45,000 or so keys in 2 decades of growth. There are several billion Internet users. What may be workable for Fredrik is probably *not* scalable to Joe Sixpack.
pgpHk6Uevbz09.pgp
Description: PGP signature
