Using root CAs as a trusted 3rd party

Ken Hagler khagler at
Sat Jan 21 22:49:20 CET 2012

On Jan 21, 2012, at 10:12 AM, Aaron Toponce wrote:

> What are your thoughts on using root CAs as a trusted 3rd party for
> trusting that a key is owned by whom it claims? Of course, this is merely
> for casual checking, but it seems to be "good enough".

As far as I can see the only checking CAs do before issuing a certificate is "does the credit card clear."
                              Ken Hagler

|                            |
|   And tho' we are not now that strength which in old days       |
|   Moved earth and heaven, that which we are, we are --Tennyson  |

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: </pipermail/attachments/20120121/2489db81/attachment.pgp>

More information about the Gnupg-users mailing list