Why CAs or public keysigning?
CL Gilbert
Lamont_Gilbert@RigidSoftware.com
Thu Jun 19 22:06:03 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Ingo Klöcker wrote:
| On Thursday 19 June 2003 15:53, CL Gilbert wrote:
|
|>I suppose I am missing something. I thought trust levels were
|>assigned to keys, not signatures. I was not aware that I could sign
|>someone's key, and assign some level to that signature. AFAIK a
|>signature is absolute. I can not assign anything to my own
|>signature.
|
|
| If you sign a key you are asked:
| =====
| How carefully have you verified the key you are about to sign actually belongs
| to the person named above? If you don't know what to answer, enter "0".
|
| (0) I will not answer. (default)
| (1) I have not checked at all.
| (2) I have done casual checking.
| (3) I have done very careful checking.
|
| Your selection?
| =====
|
| And if you enter '?' at the prompt then you get the following help text:
| =====
| When you sign a user ID on a key, you should first verify that the key
| belongs to the person named in the user ID. It is useful for others to
| know how carefully you verified this.
|
| "0" means you make no particular claim as to how carefully you verified the
| key.
|
| "1" means you believe the key is owned by the person who claims to own it
| but you could not, or did not verify the key at all. This is useful for
| a "persona" verification, where you sign the key of a pseudonymous user.
|
| "2" means you did casual verification of the key. For example, this could
| mean that you verified the key fingerprint and checked the user ID on the
| key against a photo ID.
|
| "3" means you did extensive verification of the key. For example, this could
| mean that you verified the key fingerprint with the owner of the key in
| person, and that you checked, by means of a hard to forge document with a
| photo ID (such as a passport) that the name of the key owner matches the
| name in the user ID on the key, and finally that you verified (by exchange
| of email) that the email address on the key belongs to the key owner.
|
| Note that the examples given above for levels 2 and 3 are *only* examples.
| In the end, it is up to you to decide just what "casual" and "extensive"
| mean to you when you sign other keys.
|
| If you don't know what the right answer is, answer "0".
| =====
|
OK, 0...j/k
Where does this information show up? I have keys in my local keyring
that I assume are signed, but I never saw any number on them anywhere!?
| Regards,
| Ingo
|
- --
Thank you,
CL Gilbert
Free Java interface to Freechess.org
http://www.rigidsoftware.com/Chess/chess.html
"Then said I, Wisdom [is] better than strength: nevertheless the poor
man's wisdom [is] despised, and his words are not heard." Ecclesiastes 9:16
GnuPG Key Fingerprint:
82A6 8893 C2A1 F64E A9AD 19AE 55B2 4CD7 80D2 0A2D
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE+8hdtVbJM14DSCi0RAiBbAKDC+IjskdOz3xbpvWIFgRnagWIAewCgmr1m
406rafaHhU64Xue8I1AGPTU=
=Htmj
-----END PGP SIGNATURE-----
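
Added example, not part of the original message: the answer given at the prompt quoted above is stored as the OpenPGP signature type (0x10 to 0x13, RFC 4880 section 5.2.1), which GnuPG prints in field 11 of each "sig" record of `gpg --list-sigs --with-colons`. The function name, the sample records and the key IDs below are constructed for illustration.

```python
from typing import List, NamedTuple

# OpenPGP certification signature types (RFC 4880, section 5.2.1), keyed by
# the two hex digits GnuPG prints, with the prompt answer (0-3) behind each.
CERT_LEVELS = {
    "10": (0, "no particular claim"),
    "11": (1, "not checked at all (persona)"),
    "12": (2, "casual checking"),
    "13": (3, "very careful checking"),
}

class Certification(NamedTuple):
    signed_uid: str    # user ID the signature certifies
    signer_keyid: str  # key that made the signature
    level: int         # 0-3, as answered at signing time
    meaning: str
    exportable: bool   # False for local-only signatures (class suffix "l")

def parse_certifications(colon_output: str) -> List[Certification]:
    """Collect user-ID certifications from `gpg --list-sigs --with-colons` text."""
    found, current_uid = [], None
    for line in colon_output.splitlines():
        f = line.split(":")
        if f[0] == "pub":
            # GnuPG 1.x puts the primary user ID in the pub record itself.
            current_uid = f[9] if len(f) > 9 and f[9] else None
        elif f[0] == "uid" and len(f) > 9:
            current_uid = f[9]
        elif f[0] in ("sub", "ssb"):
            current_uid = None  # what follows are subkey binding signatures
        elif f[0] == "sig" and len(f) > 10 and current_uid:
            sig_class = f[10]   # field 11, e.g. "13x": hex type + x/l flag
            if sig_class[:2] in CERT_LEVELS:
                level, meaning = CERT_LEVELS[sig_class[:2]]
                found.append(Certification(current_uid, f[4], level, meaning,
                                           not sig_class.endswith("l")))
    return found

# Constructed sample (not real keys): one key carrying three certifications.
SAMPLE = """\
pub:u:1024:17:1111111111111111:1056060000:::u:::scESC:
uid:u::::1056060000::0000000000000000000000000000000000000000::Alice Example <alice@example.org>:
sig:::17:1111111111111111:1056060000::::Alice Example <alice@example.org>:13x:
sig:::17:2222222222222222:1056060100::::Bob Example <bob@example.org>:10x:
sig:::17:3333333333333333:1056060200::::Carol Example <carol@example.org>:12l:
sub:u:1024:16:4444444444444444:1056060000::::::e:
sig:::17:1111111111111111:1056060000::::Alice Example <alice@example.org>:18x:
"""
```

On the sample, the three certifications come back with levels 3, 0 and 2, and the 0x18 subkey binding signature is skipped.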