Signing multiple keys
Doug Barton
dougb at dougbarton.us
Sat Aug 27 02:03:18 CEST 2011
On 08/26/2011 14:56, Nicholas Cole wrote:
> On Fri, Aug 26, 2011 at 10:34 PM, Doug Barton <dougb at dougbarton.us> wrote:
>
>> One could certainly argue that my doing this is verification step is
>> overly fussy (and you wouldn't be the first), but that's my policy.
>
> I honestly did not mean to be critical.
I didn't take it that way, and wouldn't have cared if you did in any
case. :)
> I was just struggling to see
> the security benefit. After all, all security brings inconvenience,
> but not all inconvenience brings security. :-)
>
> Do you have a particular concern about orphan keys?
I have a particular concern that if I sign a key with "I checked
carefully" that I really did. Moreover, I have a philosophical prejudice
that if I *can't* say "I checked carefully," why bother?
That said, I have in the past run across people who still have old
e-mail addresses that they no longer have access to on their keys, so
it's more than a theoretical issue, for me at least.
Doug
--
Nothin' ever doesn't change, but nothin' changes much.
-- OK Go
Breadth of IT experience, and depth of knowledge in the DNS.
Yours for the right price. :) http://SupersetSolutions.com/
More information about the Gnupg-users
mailing list