Using the OTR plugin with Pidgin for verifying GPG public key fingerprints

Robert J. Hansen rjh at
Sun Mar 14 03:38:43 CET 2010

On 3/13/10 8:06 PM, erythrocyte wrote:
> Umm.. if I understand the nature of the probability tests or
> calculations just mentioned above

You don't.

If person A and person B disagree on whether something is fake, the
operating assumption is that it's fake.  The burden is on the person
claiming it's *not* fake to persuade the person claiming it *is* fake
that they're wrong.

Alan: "Hey, Bill, did you see this ID?  It looks fishy."
Bill: "It looked good to me."
Alan: "It doesn't look good to me."
Bill: "Okay.  Let me show you why I thought it was good, and let's take
       it from there..."

> And besides, even if the above weren't true, how do I know that
> someone who does have that thought will make sure to check with others
> at the keysigning party?

There is a word for someone who keeps their mouth shut about fake IDs at
keysigning parties.  That word is *conspirator*.

If you're assuming everyone else at the keysigning party is a
conspirator, then sure, you're out of luck.  But in that case, you were
out of luck before you even stepped in the door.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5598 bytes
Desc: S/MIME Cryptographic Signature
URL: </pipermail/attachments/20100313/c5df2fa1/attachment-0001.bin>

More information about the Gnupg-users mailing list