[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Web of Trust (a revolution)

On Tuesday 31 March 2009 13:16:42 Tim wrote:

> On Tue, 2009-03-31 at 12:27 +0100, Bill Crawford wrote:

> > Ought to be possible for people to visit companies' offices and sign

> > their keys, and add them to the "web of trust" as per PGP / GPG keys.

> > No idea if / how that should be done, in practice, though.


> Actually, I'd like to be able to do something like with banking (go into

> the branch, and physically confirm keys used for banking). For the one

> or two people that I've used encrypted mail with, I exchanged keys in

> person.


Bear in mind that the Public Key is intended to be just that - public. It is useless to anyone else as only you have the Private Key that forms the pair, so there is no problem at all about the public key being accessible. It can *only* be used to compare against your signature. It cannot be used in any attempt to pretend to be you.



New to KDE4? - get help from http://userbase.kde.org

Just found a cool new feature? Add it to UserBase

Attachment: signature.asc
Description: This is a digitally signed message part.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]