[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: key signing transitivity

> > On Wed, 12 Mar 2003, Henrique de Moraes Holschuh wrote:
> > > Well, acceptable for what? NM? It would count towards certifying the M key,
> > > but it would not be enough, IMHO.
> > http://www.omegasphere.net/ssl/freemail/ may be of use for
> > people who wish to prove their identity.  Though the page
> Not for Debian.
Well, I've been in some queue or other for so long that
perhaps things have changed, but I know in the past that an
email certificate issued by one of the commercial 'trust
authorities' was one way to help provide a trust path.

> And anyone signing a gpg key of someone else based on a certificate or
> certification of someone else is better off not touching crypto software
> ever again.
I wasn't suggesting that.  I was merely mentioning that
there are companies which make there $ verifying peoples'
identities (now, in the case of the class 1 certificate I
pointed to earlier, it in fact only confirms that a person
has use of an email address - a class 2 certificate would be
more appropriate for Debian usage).  The trust path is
between the person who gets the certificate and the
person issuing it, so I don't see why you think I was
meaning that people should sign a GPG key based on that

| Daniel Dent   ddent@ddent.net      If it ain't broke, tweak it! |
| 10 page website, email forwarding, URL forwarding, DNS, & more. |
| $10.95 USD/year.                    http://www.omegasphere.net/ |

Reply to: