Hi there, On Thursday 06 August 2009 15:08:50 Christian Perrier wrote: > Quoting Jan Wagner (waja@cyconet.org): > > .oO(*note* don't keysign with Petter Reinholdtsen for now) > > I wouldn't go to such drastic decisions, particularly with > Petter and I'm not really sure that fingerpointing really helps. I'm not fingerpointing in any way, really. :) On Thursday 06 August 2009 12:16:30 Petter Reinholdtsen wrote: > [Jan Wagner] > > > .oO(*note* don't keysign with Petter Reinholdtsen for now) > > No problem. I do not believe we know each other, so that is just as > it should be. :) Meeting each other before signing keys would be a nice requirement at least. :) On Thursday 06 August 2009 15:28:45 Sami Liedes wrote: > Why not? If you are sure that the identity is correct and that the > e-mail addresses are correct (through your use of caff), the only > thing your signature can do is strengthen the web of trust. I would > sign in that case. My rant wasn't about any process of knowing each other or verification of anything. I was only thinking about anyone uploading my key with his (maybe broken [for example sha1 signed]) signature on it. Many people did send me my signed keys several time, some more that 5 times. Imaging that these people uploaded the signature again and again would bloat my key on the servers a lot. When sending me these signatures, I can verify them first and if all looks good, I can upload them for my own. Just my 2 Euro-Cents, Jan. -- Never write mail to <waja@spamfalle.info>, you have been warned! -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GIT d-- s+: a- C+++ UL++++ P+ L+++ E- W+++ N+++ o++ K++ w--- O M V- PS PE Y++ PGP++ t-- 5 X R tv- b+ DI- D++ G++ e++ h-- r+++ y+++ ------END GEEK CODE BLOCK------
Attachment:
signature.asc
Description: This is a digitally signed message part.