How trust works in gpg...
Werner Koch
wk at gnupg.org
Wed Apr 16 09:42:05 CEST 2008
On Tue, 15 Apr 2008 20:04, dshaw at jabberwocky.com said:
>> I remember Werner saying that this was just nonsense.
>> Werner, can you correct me if I'm wrong?
>
> Not enough information above to say nonsense or not. There are silly
> ways to use challenges and non-silly ways.
What I meant are proofs based on the ability to decrypt a message. That
is not going to work if you do not have an encryption subkey.
Regarding signing challenges; they are fine as along as a signing subkey
is available. Like me, some folks keep their primary key offline and
may even use a dedicated box for signing keys. The challenges are thus
somewhat cumbersome.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.
More information about the Gnupg-users
mailing list