On Tuesday, 24 January 2012, 22:10:35, Faramir wrote:
> > This is why OpenPGP implementations have trust settings. If Bob
> > trusts Trent's assertions, then he can give Trent full trust and
> > Bob's implementation will believe that Alice's key belongs to
> > Alice. There's no need to sign th
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 24-01-2012 16:26, brian m. carlson wrote:
> On Tue, Jan 24, 2012 at 03:13:46PM -0300, Faramir wrote:
>> Well, if Trent signs Alice's key, Bob, who trusts Trent, might sign
>> her key too. Charly doesn't know Trent, but he trusts Bob's
>> judgement
On Tue, Jan 24, 2012 at 03:13:46PM -0300, Faramir wrote:
> Well, if Trent signs Alice's key, Bob, who trusts Trent, might sign her
> key too. Charly doesn't know Trent, but he trusts Bob's judgement, so
> he might accept Alice's key as valid, not because of Trent's
> signature, but because of Bob's
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 21-01-2012 18:50, Gregor Zattler wrote:
> Hi Aaron, gnupg users, * Aaron Toponce
> [21. Jan. 2012]:
>> I just signed an OpenPGP key with cert level 0x12 (casual
>> checking) given the following scenario:
>>
>> * A PGP key was signed by an SSL
Hi Mike, gnupg users,
* gn...@lists.grepular.com [22. Jan. 2012]:
[...]
> I sometimes wonder if the traditional public web of trust is even a good
> idea. Are you happy to be associated with everybody you've signed the
> key of and those who have signed yours? Are you sure that none of these
> peo
On 01/23/2012 03:24 PM, Mark H. Wood wrote:
> On Sat, Jan 21, 2012 at 01:49:20PM -0800, Ken Hagler wrote:
>
> (...)
>
> I guess that the lesson is: don't assume. Find out for yourself
> whether a CA is worthy of your trust, before trusting.
Well, that could be a big challenge. In addition consi
On Sat, Jan 21, 2012 at 01:49:20PM -0800, Ken Hagler wrote:
> On Jan 21, 2012, at 10:12 AM, Aaron Toponce wrote:
>
> > What are your thoughts on using root CAs as a trusted 3rd party for
> > trusting that a key is owned by whom it claims? Of course, this is merely
> > for casual checking, but it s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Reference:
Subject: Re: Using root CAs as a trusted 3rd party
Date: Sat, 21 Jan 2012 13:49:20 -0800
From: Ken Hagler
To: Aaron Toponce
CC: gnupg-users@gnupg.org
> On Jan 21, 2012, at 10:12 AM, Aa
On 22/01/12 02:49, Aaron Toponce wrote:
> Yes. That's all I'm after. I think the militant "I _absolutely_ won't sign
> any keys unless I verify their identification, face-to-face" attitude is
> hindering adoption. There must be a way to build the WOT, while still
> allowing people to sign keys wit
Hi Aaron, gnupg users,
* Aaron Toponce [21. Jan. 2012]:
> On Sat, Jan 21, 2012 at 10:50:11PM +0100, Gregor Zattler wrote:
>> IMHO by signing a key you make a statement about the connection
>> between a person or owner and the user id you sign, saying "I
>> somehow convinced myself that user owns t
On Sat, Jan 21, 2012 at 10:50:11PM +0100, Gregor Zattler wrote:
> IMHO by signing a key you make a statement about the connection
> between a person or owner and the user id you sign, saying "I
> somehow convinced myself that user owns this key". This only
> makes sense if you have some insight in
On Sat, Jan 21, 2012 at 02:47:25PM -0500, Thomas Harning Jr. wrote:
> That process seems pretty reasonable, assuming the CA is reputable. Even
> better if you keep track of the SSL cert to keep track of breaches and the
> like.
The idea is only to casually trust that a key belongs to a person. If
On Jan 21, 2012, at 10:12 AM, Aaron Toponce wrote:
> What are your thoughts on using root CAs as a trusted 3rd party for
> trusting that a key is owned by whom it claims? Of course, this is merely
> for casual checking, but it seems to be "good enough".
As far as I can see the only checking CAs d
On Saturday, 21 January 2012, 19:12:15, Aaron Toponce wrote:
> I just signed an OpenPGP key with cert level 0x12 (casual checking) given
> the following scenario:
>
> * A PGP key was signed by an SSL certificate that was signed by a root
> CA
> * I verified that the signature was ind
Hi Aaron, gnupg users,
* Aaron Toponce [21. Jan. 2012]:
> I just signed an OpenPGP key with cert level 0x12 (casual checking) given
> the following scenario:
>
> * A PGP key was signed by an SSL certificate that was signed by a root
> CA
> * I verified that the signature was indeed
On Jan 21, 2012 1:13 PM, "Aaron Toponce" wrote:
>
> I just signed an OpenPGP key with cert level 0x12 (casual checking) given
> the following scenario:
>
> * A PGP key was signed by an SSL certificate that was signed by a root
> CA
> * I verified that the signature was indeed from that
16 matches