[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Web of Trust (a revolution)



On Wednesday 01 April 2009 14:18:11 David wrote:
> On 4/1/2009 8:56 AM, Tim wrote:
> > On Wed, 2009-04-01 at 13:42 +0200, "Stanisław T. Findeisen" wrote:
> >> Sure, you might not be sure how honest a particular person
> >> is, or how accurate she is when it comes to key signing. But it
> >> *might* be helpful to know that a key of someone else that you haven't
> >> met in person has been signed by, say, 10 different people that you
> >> did meet before
> >
> > You need to know them more than just having met them before, you need to
> > know what their attitude is to signing keys.  Will they only sign keys
> > with users that have credible ID?  And could they spot fake ID?
>
> I use a state issued picture driver license, a birth certificate, and a US
> Passport.
>
It is generally accepted that meeing someone, alone, is not sufficient 
identification.  Before you sign anyone's key, or let them sign yours, you 
should always see this kind of official documentation.  Anyone considering 
getting keys signed should read 
http://cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html

Anne
-- 
New to KDE4? - get help from http://userbase.kde.org
Just found a cool new feature?  Add it to UserBase

Attachment: signature.asc
Description: This is a digitally signed message part.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]