Robot CA at

David Shaw
Sun Dec 8 23:50:01 2002

On Sun, Dec 08, 2002 at 05:19:41PM -0500, Jason Harris wrote:

> > Do you intend to give a "sig!1" to everybody who ever answered to an
> > encrypted e-mail you sent to them? They all prooved that their e-mail
> > address is valid.
> Not at all; I only do so when I have a good reason.

Keep in mind that despite you tagging the signature as persona, no
OpenPGP programs treats it any differently.  You're making a strong
binding there, and calling it weak doesn't make it weak.  People
depend on you as a member of the web of trust to not do this.


   David Shaw  |  |  WWW
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson