Re: playing with cryptography...

2008-05-24 Thread Robert J. Hansen
John W. Moore III wrote: > Apparently You haven't Interviewed a U.S. College Graduate recently. > :-\ Or, for that matter, some people with graduate degrees. As I told a friend of mine a couple of days ago, "I used to be a lot more impressed by Master's degrees until they gave me one." An underg

Re: playing with cryptography...

2008-05-24 Thread John W. Moore III
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 reynt0 wrote: > competence should be taught by the 4xx level Apparently You haven't Interviewed a U.S. College Graduate recently. :-\ A Bachelor's Degree is usually 'proof of competence' only in Course/Instructor selection and One's tolerance level

Re: playing with cryptography...

2008-05-24 Thread reynt0
On Fri, 23 May 2008, Faramir wrote: reynt0 wrote [format slightly neatened by reynt0]: is "Philosophy 101 stuff" (as RJH said), but the subject is serious and important, IMHO, and the more people can be aware of this on like a Philosophy 401 basis the less at-risk they will be. Wow... no

Re: playing with cryptography...

2008-05-23 Thread reynt0
(replying to John Clizbe's post, but his full message is an attachment as read by my nice simple email software so "Reply" gives only a blank message, so I had to fiddle to get it to show like a usual quoted reply) . . . Most Class I Certificates only prove you have control of the email address.

Re: playing with cryptography...

2008-05-23 Thread Faramir
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Graham Murray wrote: > For individuals I think that too much importance is placed on identity > based on name. For companies it is different, it is useful to know that > the email/web site etc that purports to be from example.com is actually > from

Re: playing with cryptography...

2008-05-23 Thread Faramir
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hardeep Singh wrote: > There is nothing that can prove who you say you are. State provided ID > cards only prove that you were able to convince the system that you > have a specific name. > > Let me know if you feel differently. > > Regards > Har

Re: playing with cryptography...

2008-05-23 Thread Robert J. Hansen
On Fri, 2008-05-23 at 12:54 +0530, Hardeep Singh wrote: > Well, that may be true, but there are currently no options that are > significantly better. The WOT model used by GPG is better? Maybe, but > not significantly. WoT gives you more options about how to determine trust levels. This, to me, i

Re: playing with cryptography...

2008-05-23 Thread Graham Murray
"Hardeep Singh" <[EMAIL PROTECTED]> writes: > There is nothing that can prove who you say you are. State provided ID > cards only prove that you were able to convince the system that you > have a specific name. For individuals I think that too much importance is placed on identity based on name.

Re: playing with cryptography...

2008-05-23 Thread Hardeep Singh
Hi > The OpenPGP trust model is a proper superset of the centralized hierarchical > trust model most often seen in the X.509 world. Several years ago Matt Blaze > made the observation that commercial CAs will protect you against anyone who > that CA refuses to accept money from. > Well, that may

Re: playing with cryptography...

2008-05-22 Thread John Clizbe
Ramon Loureiro wrote: > I've got a personal THAWTE Certificate! > It carries my name. I wonder if it will be enough to trust me on the GPG > model... That depends on the person granting trust, the trust model they have adopted, and whether or not (and to what degree) they trust Thawte's certifica

Re: playing with cryptography...

2008-05-22 Thread Mark H. Wood
On Sat, May 03, 2008 at 04:43:28PM -0400, John W. Moore III wrote: > reynt0 wrote: > > A few minor, picky points, FWIW: > > 2. Is it "certain" that "Thawte has confirmed", or is it > > *claimed* that Thawte has confirmed? > > They 'Ping' the Email Address to confirm control of it. Aw, how hard i

Re: playing with cryptography...

2008-05-20 Thread John W. Moore III
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Ramon Loureiro wrote: > I've got a personal THAWTE Certificate! > It carries my name. I wonder if it will be enough to trust me on the > GPG model... I would personally recommend You look into www.gswot.org; but I admit to bias there. :-D JOHN ;

Re: playing with cryptography...

2008-05-20 Thread Ramon Loureiro
John W. Moore III wrote: > Bill Royds wrote: > >> Your Thawte certificate reads Signed ([EMAIL PROTECTED]) > > This also doesn't mean that You really are Ramon Loureiro, since the > Certificate doesn't carry Your _Name_ indicating that Other People have > eyeballed You + Government Issued Doc

Re: playing with cryptography...

2008-05-03 Thread John W. Moore III
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 reynt0 wrote: > A few minor, picky points, FWIW: > 1. Of course, the trustworthiness of anything claiming > to be Government Issued Documentation always has to be > evaluated (as do governments, too, I suppose). As a General Rule it is hoped that

Re: playing with cryptography...

2008-05-03 Thread Bill Royds
On 3-May-08, at 03:34 , Werner Koch wrote: As usual I have to mention that what you mean is the Web of Trust (WoT) as used by default in PGP and GPG. In contrast to X.509, OpenPGP allows the use of any kind of trust model with its framework. Yes, you are correct. The WoT model was dev

Re: playing with cryptography...

2008-05-03 Thread reynt0
On 02 May 2008 [EMAIL PROTECTED] wrote: . . . This also doesn't mean that You really are Ramon Loureiro, since the Certificate doesn't carry Your _Name_ indicating that Other People have eyeballed You + Government Issued Documentation affirming that You actually are who You say You are. To acco

Re: playing with cryptography...

2008-05-03 Thread Werner Koch
On Fri, 2 May 2008 23:55, [EMAIL PROTECTED] said: > The PGP (GPG) model is that one only trusts certificate that come > from someone you already trust or from someone that is trusted by > someone who you trust etc. There is no implicit trust so it takes more As usual I have to mention that what

Re: playing with cryptography...

2008-05-02 Thread John W. Moore III
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Mark H. Wood wrote: > "whether you do or not" is not strictly correct, I think. It sure > looks to me like I could delete some or all of the root certificates > that my browser came with, and then keys from certificates which chain > back to those

Re: playing with cryptography...

2008-05-02 Thread Mark H. Wood
On Fri, May 02, 2008 at 05:55:17PM -0400, Bill Royds wrote: > Basically a PKI-509 type signing is a tree of trust relationship, where the > root of the tree is a set of certificate issuers that your browser or email > program trusts whether you do or not. These then issue certificates to "wheth

Re: playing with cryptography...

2008-05-02 Thread John W. Moore III
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Bill Royds wrote: > Your Thawte certificate reads Signed ([EMAIL PROTECTED]) This also doesn't mean that You really are Ramon Loureiro, since the Certificate doesn't carry Your _Name_ indicating that Other People have eyeballed You + Government Is

Re: playing with cryptography...

2008-05-02 Thread Bill Royds
On 2-May-08, at 04:50 , Ramon Loureiro wrote: Great! I think I've got it! (This msg should be MIME-signed with a Thawte certificationx) Yes, it was signed, by the Thawte issued signature. Basically a PKI-509 type signing is a tree of trust relationship, where the root of the tree is a se

Re: playing with cryptography...

2008-05-02 Thread Charly Avital
Ramon Loureiro wrote the following on 5/2/08 4:50 AM: [...] > Great! > I think I've got it! > (This msg should be MIME-signed with a Thawte certificationx) The raw source of your message shows: Content-type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary=-

Re: playing with cryptography...

2008-05-02 Thread Ramon Loureiro
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Charly Avital wrote: >> Great! >> I think I've got it! >> (This msg should be MIME-signed with a Thawte certificationx) > > The raw source of your message shows: > Content-type: multipart/signed; protocol="application/x-pkcs7-signature"; > micalg

Re: playing with cryptography...

2008-05-02 Thread David Picón Álvarez
With a certificate of this kind you can sign e-mail and decrypt e-mail encrypted to you on the basis of S/MIME, which is a different protocol from OpenPGP and incompatible with it. The pros of it are that it is supported by mainstream MUAs, Outlook Express and MS Outlook, and the Web of Trust iss

Re: playing with cryptography...

2008-05-02 Thread Ramon Loureiro
Hi again! Charly Avital wrote: Ramon Loureiro wrote the following on 5/2/08 3:52 AM: Hi I have just asked for an email certificate to thawte.com thinking that it's handled like a GPG signature (I thought that I'll have something like a GPG certified signature) Now I have the certificate.

Re: playing with cryptography...

2008-05-02 Thread Charly Avital
Ramon Loureiro wrote the following on 5/2/08 3:52 AM: > Hi > I have just asked for an email certificate to thawte.com thinking that > it's handled like a GPG signature (I thought that I'll have something > like a GPG certified signature) > Now I have the certificate I have installed it in Exp

playing with cryptography...

2008-05-02 Thread Ramon Loureiro
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi I have just asked for an email certificate to thawte.com thinking that it's handled like a GPG signature (I thought that I'll have something like a GPG certified signature) Now I have the certificate I have installed it in Explorer and Fire