discussion on increasing amount of gpg signatures...
Ben Paul Wise
bwise@sito.saic.com
Sat Oct 13 00:10:01 2001
Johan et al:
The "web of trust" is not meant to determine honesty, reliability,
discretion, etc. It is meant to be a web of certifications that the keys
are actually in use by those who appear to be using them.
The difference: I may know with absolute certainty that the key belongs
to John Doe because of the web of trust. Therefore, I know with absolute
certainty that he'll blab my secret all over town as soon as he knows it -
because he really is the John Doe whom I distrust.
On Friday 12 October 2001 12:42, Johan Wevers allegedly wrote:
> Douglas Elznic wrote:
> > It seems that the biggest problem with gpg is not technichal and but a
> > social problem. The problem seems to be the lack of signatures and size
> > of the web of trust.
>
> Hmmm. If I discuss things that really need to be kept secret I only do
> that with people I already know and whose keys I trust. And trusting
> people for discussing one subject does not automatically mean I trust
> them for discussing other subjects too. This means I just don't care for
> the "web of trust". Before I discuss some things with people, I just
> need to trust them personally, not "trust" them because other people do.
--
Ben Wise, PhD Mobile: 703-731-5144
SAIC GnuPG ID: 0xF491BD21
http://www.saic.com bwise@sito.saic.com