Thu Jun 12 00:43:02 2003
-----BEGIN PGP SIGNED MESSAGE-----
Lucas Gonze wrote:
|>On Tuesday 10 June 2003 17:01, CL Gilbert wrote:
|>>But I disagree that my trust levels would not benefit you. I would
|>>never give anyone complete trust unless they were someone I knew
|>>personally like a co-worker or school-mate, neighbor, etc. Even
|>>meeting at a key signing party is not enough. Hmm, but it appears I
|>>am using the trust model wrong. because knowing who someone is does
|>>not mean you trust them. Seems like something is missing here. Be
|>>nice to give a confidence level on a signature. Anyway, I cant see
|>>giving anyone any level of trust unless I knew them personally.
| You're mixing up faith that your belief in some fact is correct with faith
| in the fact that some person will act in your interest. The second is a
| subset of the first. The PGP web of trust certifies that you have faith
| in the fact that some true name should be associated with some key.
| Of course, people usually just sign the keys of anyone who asks. I
| suspect that all webs of trust certify that there exists a social
| - Lucas
Well as I understand it the gpg trust model is only trust that you
believe the person has a respectable key signing policy. it has nothing
to do with wether you believe the person is who they say they are.
Thats what signing their key is for.
| Gnupg-users mailing list
Carl L. Gilbert
Free Java interface to Freechess.org
"Then said I, Wisdom [is] better than strength: nevertheless the poor
man's wisdom [is] despised, and his words are not heard." Ecclesiastes 9:16
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----