Why CAs or public keysigning?
Ty C. Mixon
Fri Jun 20 21:33:02 2003
Hi group! I've been lurking a while.
On Fri, 2003-06-20 at 14:01, David Shaw wrote:
> As I said, then, in your case signature levels don't help you much.
> > Anything less than absolute security is absolute insecurity.
> Not at all true.
I have to agree with David here. The first thing you learn about
security is it's a myth. The only way to keep a secret is to never tell
it, that kind of thing. Second, you can know that I trust person A with
some things (company info for instance), but I sure as hell wouldn't
trust them if I was having an affair.
So by Gilbert's definition, person A is completely insecure for
information storage. =20
And don't try to tell me it's not the same thing b/c from what I've been
reading, this is all about WHO you can trust, not about the technology
of security. If I'm wrong on that then my whole argument goes out the
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.3rc1 (GNU/Linux)
> Comment: Key available at http://www.jabberwocky.com/david/keys.asc
> -----END PGP SIGNATURE-----
> Gnupg-users mailing list
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
-----END PGP SIGNATURE-----