Using the OTR plugin with Pidgin for verifying GPG public key fingerprints

MFPA expires2010 at ymail.com
Fri Mar 12 20:40:24 CET 2010


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi erythrocyte


On Friday 12 March 2010 at 12:46:28 PM, you wrote:


> a typical browser such as Firefox will have almost 200 root
> certificates from various CAs.

208 here, using Firefox 3.5.8



> Each of these adds a given amount of risk, that really should be
> made transparent to end-users IMHO.


I think you might mean the risk should be made *clear* to end-users?
Security is already *transparent* to end users visiting a "secure" website
whose root certificate the browser already trusts.



> Some belong to well known CAs, while others belong to less reputable
> ones.

A lot there that I've not heard of. Could be perfectly reputable, but
I am unaware of their reputation...



- --
Best regards

MFPA                    mailto:expires2010 at ymail.com

Think for yourself.
Otherwise you have to believe what other people tell you.
-----BEGIN PGP SIGNATURE-----

iQCVAwUBS5qYx6ipC46tDG5pAQpQsAP/TTwx9dfhUkdRCK3F6oGsiOUrmMP0SfZ8
zapd3RArehlkMChSUm2v4+DViQ8ZyOHc51S8sxuqPnnNb+ZXRaXx09vxkJSXmrR4
mQmnTQNIMDWLacUeI8hRNEVXriLpzgka0bX9q0QtsX1ZhqhLQmqLAT8CrsUn//Ek
SX1KIDCHXF4=
=kqyg
-----END PGP SIGNATURE-----




More information about the Gnupg-users mailing list