Trust model - trust level 1 and 2
Aaron Toponce
aaron.toponce at gmail.com
Thu Aug 11 22:52:39 CEST 2011
On Thu, Aug 11, 2011 at 08:05:55PM +0200, Jerome Baum wrote:
> > Is there any difference in the standard trust model between marking a
> > key level 1 ("I don't know or won't say") and level 2 ("I do NOT
> > trust")?
>
> There isn't really a "standard trust model". What you should really do
> is have a key signing policy and embed the URL to that policy with
> every signature (plus, obviously, sign the policy). e.g. pipe
> <http://jeromebaum.com/jerome.asc> through "gpg --list-packets" and
> you'll see that the link to my signing policy is
> <http://jeromebaum.com/policy.html> and per the footnote there you can
> find the signature at <http://jeromebaum.com/policy.html.asc>.
http://jeromebaum.com/policy.html.asc works, but .gpg, .pgp and .sig give
an error of page not found, even though the footer of your siging policy
says otherwise.
FYI.
--
. o . o . o . . o o . . . o .
. . o . o o o . o . o o . . o
o o o . o . . o o o o . o o o
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 527 bytes
Desc: Digital signature
URL: </pipermail/attachments/20110811/53656c90/attachment-0001.pgp>
More information about the Gnupg-users
mailing list