Robot CA at

Jason Harris
Sun Dec 8 19:11:01 2002

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sun, Dec 08, 2002 at 05:48:32PM +0100, Michael Nahrath wrote:
> Adrian 'Dagurashibanipal' von Bidder <> schrieb am
> 2002-12-08 16:07 Uhr:

> Why should anybody sign Kyle's internet-service?
> At the moment only he can proove that it really is his program.
> If you want to build a trust path to his robot sign _his_ key and give fu=
> ownertrust to Kyle's key!
> (or find another chain of ownertrusted signatures that leads to him.
> Maybe you already have one:
> <

Yes, that (pathfinder) path does exist.

I (0xD39DA0E3) signed Kyle's personal (0x2A94C484) and robot (0xC521097E)
keys with 0x11/persona signatures because I established that the keys
were linked to their specified email/web addresses.  The 0x072FAC89 <->
0xD39DA0E3 signatures came from an in-person keysigning.  I can't speak
for the other signers.

If anyone wants to see keyanalyze reports without PGP CA keys being
included, the first step is identifying them.  So far, I know about
Thawte Freemail (0x5AC41CB9, 0xDE46F54F, 0x6BE9A169, 0x066E6D90,
0x3CE4352F, 0xAD26F8E6, 0xFE77B6E1, 0x1811465A, 0x663D3B3F, 0x6F79AC0C,
0x86EE189C), ct magazine (0xB3B2A12C), and Robot CA (0xC521097E,
0x8A7C07CD)., DFN-PCA, and
are some others that spring to mind.  Some signatures from some of
these keys are backed up by in-person identity checks, though.

NB:  Watch your followups.

Jason Harris          | NIC:  JH329, PGP:  This _is_ PGP-signed, isn't it? | web:

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.2.1 (FreeBSD)