How trust works in gpg...
Werner Koch
wk at gnupg.org
Fri Apr 25 09:57:41 CEST 2008
On Thu, 24 Apr 2008 21:12, dshaw at jabberwocky.com said:
> not how the OpenPGP trust system works. The person who gets to decide
> if a key+uid should be signed is the person who makes the signature.
Nitpicking: It is not the OpenPGP trust system, but the way almost all
OpenPGP applications are used (basically Web of Trust). OpenPGP is just
a framework and you may implement any trust system on top of it; using
the mechanisms provided by OpenPGP.
I have to mention this because many people believe OpenPGP demands the
WoT and exclude OpenPGP from further inspection when searching for a
specialized PKI.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.
More information about the Gnupg-users
mailing list