martin f krafft wrote:
also sprach Manoj Srivastava <srivasta@acm.org> [2007.05.31.1658 +0200]:Why is that surprising? Trust is not given away by default; it has to be earned.This is where we differ. I generally trust people until they abuse my trust. Call me naïv or anything, but it's been a good life so far on that track.
Otherwise, it will be difficult to have key signed. When I give my passport to a DD, I really trust (and hope) that he will not run away with my pass. Anyway should I certify that you are our madduck@debian.org or one of the "martin f krafft" in the world? I really see few people that check identity AND the email (people tend to sign all key-identity of a key). How to do this check in a reliable and completely secure way? (I think that a man on the middle attack is always possible). ciao cate PS: undecided about mass key signing party. I didn't participate, so I cannot judge the reliability.