published key security levels
Hauke Laging
mailinglisten at hauke-laging.de
Thu May 13 16:15:07 CEST 2010
Am Donnerstag 13 Mai 2010 09:16:56 schrieb Hagen Fürstenau:
> > The main problem is: How do people recognise your high security key as
> > such? By the comment only?
>
> Seems like a pretty good use of the comment field to me. Especially
> since it might be hard to agree on generally applicable "security levels".
These two problems are not connected.
I don't think that people will like to write an individual description into
their comment field. Thus a category standard seems necessary to me. This
standard need not be bound to technical, it can be "legal" instead. How big
may the loss be you are willing to bear due to a forged signature or revealed
confidential information?
0: undetermined (zero)
1: zero
2: low
3: medium
4: high
5: unlimited
Everyone can determine for himself then how he translates this into technical
and organizational requirements for himself. Another possibility is to allow
both statements.
CU
Hauke
--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 555 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20100513/247c9472/attachment.pgp>
More information about the Gnupg-users
mailing list