playing with cryptography...

John W. Moore III jmoore3rd at bellsouth.net
Sat May 3 22:43:28 CEST 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

reynt0 wrote:

> A few minor, picky points, FWIW:
> 1.  Of course, the trustworthyness of anything claiming
> to be Government Issued Documentation always has to be
> evaluated (as do governments, too, I suppose).

As a General Rule it is hoped that Passports are checked for Identity
Authentication by the issuing Authority.  I know that when I am
'confirming' the Identity of an Individual I require that I be shown a
narrow selection of Documentation.  Documents that I am comfortable with
the level of difficulty of forgery.  This is why it takes presentation
of 'Proof of Identity' to several folks to obtain a Named Certificate.

> 2.  Is it "certain" that "Thawte has confirmed", or is it
> *claimed* that Thawte has confirmed?

They 'Ping' the Email Address to confirm control of it.

> 3.  Of course, Thawte's confirmation process is however
> trustworthy or not as it may be, which has to be evaluated.

Which is why the level of Trust in any Certificate may be Edited by the
End User.

But all this discussion of x.509 Certificates is somewhat far afield
from the purpose of this particular List.  If everyone here was
comfortable with S/MIME then We wouldn't be using GnuPG.

JOHN ;)
Timestamp: Saturday 03 May 2008, 16:42  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.5.0-svn4754: (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: https://www.gswot.org
Comment: Homepage:  http://tinyurl.com/yzhbhx

iQEcBAEBCgAGBQJIHM5vAAoJEBCGy9eAtCsPiGcH/0+XzHbEewvbylYIgskt5Pj0
V3lfydQjUXAn8INkGz6B+L8WXeN9FlkqHuSGAJs+PKYLfVnz8YQoXRojHfsdOp8F
V5Lo78rYe2wNkWZXouW2RutSd9SN0JTmZoWgj+zc17Y7xNsMozm0w4jxFlF7YnOC
q/vdn79hYe6blZGmf3G+QXPB+hs3IGsdjxv2qHP03pVXapVzNEz4R/47TFvVQbF5
KB3vS2tuIPhwo3/eK709ioqrCd5I3K1MjeTSXUj5cku71qAXuEKwVBimFs+0yAYF
IvyIwXjRkkeIu6afXRCNO88Y/IirXao58F+sX9d8NUr29JTHVVKPKJf7aYIBLXo=
=eXt8
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list