Trust model - trust level 1 and 2
Hauke Laging
mailinglisten at hauke-laging.de
Thu Aug 11 22:56:31 CEST 2011
Am Donnerstag, 11. August 2011, 20:05:55 schrieb Jerome Baum:
> There isn't really a "standard trust model". What you should really do
> is have a key signing policy and embed the URL to that policy with
> every signature (plus, obviously, sign the policy).
For keys with "high" security requirements the policy should also be signed by
the ones who signed the key as it would be easy to write and sign a high
security policy for a compromised low security key.
Hauke
--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 555 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20110811/2c07b1aa/attachment.pgp>
More information about the Gnupg-users
mailing list