Why CAs or public keysigning?
Thu Jun 19 22:06:03 2003
-----BEGIN PGP SIGNED MESSAGE-----
Ingo Kl=F6cker wrote:
| On Thursday 19 June 2003 15:53, CL Gilbert wrote:
|>I suppose I am missing something. I though trust levels were
|>assigned to keys, not signatures. I was not aware that I could sig=
|>someones key, and assign some level to that signature. AFAIK a
|>signature is absolute. I can not assign anything to my own
| If you sign a key you are asked:
| How carefully have you verified the key you are about to sign actua=
| to the person named above? If you don't know what to answer, enter=
| (0) I will not answer. (default)
| (1) I have not checked at all.
| (2) I have done casual checking.
| (3) I have done very careful checking.
| Your selection?
| And if you enter '?' at the prompt then you get the following help =
| When you sign a user ID on a key, you should first verify that the =
| belongs to the person named in the user ID. It is useful for other=
| know how carefully you verified this.
| "0" means you make no particular claim as to how carefully you
| "1" means you believe the key is owned by the person who claims to =
| but you could not, or did not verify the key at all. This is
| a "persona" verification, where you sign the key of a pseudonym=
| "2" means you did casual verification of the key. For example, thi=
| mean that you verified the key fingerprint and checked the user=
| key against a photo ID.
| "3" means you did extensive verification of the key. For example,
| mean that you verified the key fingerprint with the owner of th=
| person, and that you checked, by means of a hard to forge docum=
| photo ID (such as a passport) that the name of the key owner
| name in the user ID on the key, and finally that you verified (=
| of email) that the email address on the key belongs to the key =
| Note that the examples given above for levels 2 and 3 are *only* ex=
| In the end, it is up to you to decide just what "casual" and "exten=
| mean to you when you sign other keys.
| If you don't know what the right answer is, answer "0".
Where does this information show up? i have keys in my local keyring
that I assume are signed, but I never saw any number on them anywhere=
Free Java interface to Freechess.org
"Then said I, Wisdom [is] better than strength: nevertheless the poor
man's wisdom [is] despised, and his words are not heard." Ecclesiaste=
GnuPG Key Fingerprint:
82A6 8893 C2A1 F64E A9AD 19AE 55B2 4CD7 80D2 0A2D
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----