Signing people with only one form of ID?
dshaw at jabberwocky.com
Thu Feb 28 03:51:28 CET 2008
On Thu, Feb 28, 2008 at 01:38:11AM +0100, Richard Hartmann wrote:
> Hi all,
> after creating a new key and getting back into 'serious' gpg usage,
> I attended a key signing party where the overwhelming portion of
> people had only one form of ID with them.
> It seems that most people assign the highest trust level to others
> who have presented only one form of ID. Personally, I tend towards
> only granting that to people who showed me two seperate pieces
> of ID.
Perhaps more important than the number of IDs, is the quality of IDs.
A cheap generic photo ID from the local gym is practically worthless.
A passport or drivers license is usually good.
I wouldn't go crazy here: keep in mind that the web of trust is
designed for people who don't have the ability to prove that a
passport or license is real. This is one of the reasons that more
than one signature is needed to make a key fully valid. All that the
web of trust asks is that you do your best.
More information about the Gnupg-users