Suspect Signatures
David Shaw
dshaw at jabberwocky.com
Wed Sep 24 04:19:47 CEST 2008
On Sep 23, 2008, at 6:08 PM, David Newman wrote:
>> On Mon, Sep 22, 2008 at 02:42:19PM -0400, David Newman wrote:
>>> Is there a that I can mark the signature as suspect,
>>
>> Alas, no.
> [snip]
>> That said, this is really an aesthetic problem, and not a trust
>> problem. The web of trust ultimately takes care of bad signatures as
>> those people who issue them will eventually get marked as
>> untrustworthy.
>
> Is that because there is not a 2-way trust relationship going on?
> I guess I don't understand how the WoT will be able to figure out
> that he is untrustworthy if there is no way to mark a signature
> as untrustworthy. It seems there should be a way to sign signatures
> as good or bad.
Not exactly. The WoT doesn't exactly figure out who is untrustworthy,
but rather who is trustworthy. Anyone unknown is just ignored. Thus,
a unknown signature on your key doesn't actually impact much unless it
is trusted by someone.
David
More information about the Gnupg-users
mailing list