Re: OT: More about GPG signing
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 11/05/12 07:45, Jon Dowland wrote:
> On Thu, May 10, 2012 at 05:32:25PM +0100, Tony van der Hoff wrote:
>> So, the OP signs his mail to a list. I would guess that no web of
>> trust exists between him and 99.9% of the list members.
>>
>> What is the benefit of such a signature?
>
> I don't know Phil Dobbin, I haven't ever met him and I probably
> never will. Phil Dobbin exists to me only as a participant on this
> mailing list. He signs his mail. Over time, my mental model of Phil
> Dobbin will be composed entirely and exclusively based on his
> conduct on this mailing list. If I ever did meet him, I might be
> able to prove that the owner of key A093C263 is legally called Phil
> Dobbin in some juristiction or other. What exactly have I gained?
> This knowledge means nothing to me. I know many people who are not
> called by their legal name anyway. The fact that A093C263 calls
> himself "Phil Dobbin" is something I don't need to verify.
>
> In this particular case, the web of trust is not as relevant, since
> I don't need it to prove that one mail signed by A093C263 was
> written by the same person as another mail signed by A093C263.
>
> [ having said that, it would be nice if things like
> http://pgp.cs.uu.nl/mk_path.cgi?FROM=06AAAAAA&TO=A093C263&PATHS=trust+paths
>
>
worked. Phil, why not push your key and sigs to pgp.mit.edu? ]
Done. & the Dutch pgp authority now hold a copy also.
Now, can we all get back to work please? Four days is a long time to
discuss a subject that's been around to my knowledge for fifteen years :-)
Cheers,
Phil...
- --
currently (ab)using
Debian Squeeze, Fedora Verne, OS X Snow Leopard, Ubuntu Oneiric
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBAgAGBQJPrNDNAAoJECPmYW6gk8JjOxsH/0NsJ5Tgs0moske2gEFSijGv
/oZyQ161dRqhNTF20Qsd8mtr05NriXira6avBREtlA1g0Nr1JU88DqgFveRaylYX
f0nG6mkFZazSIqWCkKnEj+olqJLoHD54x/zMPbkZHtz+4dbNx9DQljbTV7xLNpCN
F+9lF7rX/cjq89fzeTiNbBmblmPRO2PRr8EEHComY2btKy+mggVyTCkk5rXTkjlb
hZIJ7A2n/4NerP0C5Lx96Ab6OP9f/mky5Fefkb9JlaG08V0y3bTZweZFEXPwfO8j
xJUCT853g+qPTSWchZtZErb34fLRWT25xF/qpPP5mQAukbk3ybF86ZQ5Wt9TciI=
=uqL4
-----END PGP SIGNATURE-----
Reply to: