Robot CA at toehold.com
Mon Dec 9 00:47:01 2002
Content-Type: text/plain; charset=us-ascii
On Sun, Dec 08, 2002 at 05:51:06PM -0500, David Shaw wrote:
> On Sun, Dec 08, 2002 at 05:19:41PM -0500, Jason Harris wrote:
> > > Do you intend to give a "sig!1" to everybody who ever answered to an
> > > encrypted e-mail you sent to them? They all prooved that their e-mail
> > > address is valid.
> > Not at all; I only do so when I have a good reason.
> Keep in mind that despite you tagging the signature as persona, no
> OpenPGP programs treats it any differently. You're making a strong
> binding there, and calling it weak doesn't make it weak. People
> depend on you as a member of the web of trust to not do this.
I'm aware of the current shortcomings of keyanalyze, pathfinder,
and GPG, but still feel that 0x11/persona signatures have their place.
Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it?
firstname.lastname@example.org | web: http://jharris.cjb.net/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (FreeBSD)
-----END PGP SIGNATURE-----