Virtual Keysignings
Ingo Klöcker
ingo.kloecker@epost.de
Sun Jun 8 11:34:02 2003
--Boundary-02=_hmk4+kIbmLKAmfh
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
On Saturday 07 June 2003 21:14, Werner Koch wrote:
> On Sat, 7 Jun 2003 12:03:56 +0200, Ingo Kl=F6cker said:
> > Then I hope that you sign those keys only locally (i. e. with gpg
> > --lsign).
>
> No, it is about whether you trust hime to do a suitable identity
> check. If you don't trust hime, answer "I don't trust". The Web Of
> Trust does not work with a common policy - its all about how you
> trust others to fo the Right Thing.
Well, if Carl only signed those keys with exportable signatures that he=20
has carefully checked and if he signed all other keys with local,=20
non-exportable signatures then I could trust him (to a certain extend),=20
right? So whether I can trust his signatures or not depends very much=20
on his usage or not-usage of local signatures for unverified keys.
Regards,
Ingo
--Boundary-02=_hmk4+kIbmLKAmfh
Content-Type: application/pgp-signature
Content-Description: signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQA+4kmhGnR+RTDgudgRAjt+AKDAr9NLA6p00u9Fd1zLyK6IPL2brwCfU8r3
JmiCin71rZ3P6O4XxxxX5XA=
=LyFH
-----END PGP SIGNATURE-----
--Boundary-02=_hmk4+kIbmLKAmfh--