Using root CAs as a trusted 3rd party

Gregor Zattler telegraph at
Tue Jan 24 17:25:17 CET 2012

Hi Mike, gnupg users,
* gnupg at <gnupg at> [22. Jan. 2012]:
> I sometimes wonder if the traditional public web of trust is even a good
> idea. Are you happy to be associated with everybody you've signed the
> key of and those who have signed yours? Are you sure that none of these
> people will do anything in the future which might cause these public
> associations to become a problem for you?

When I sign a key a make a statement that I checked somehow that
the key "belongs to" a specific person  P.  I might make further
claims via a notation or a policy url but I don't have to.

Merely stating that I proved someones identity of P should not
mean anything else.

But you are right, perhaps in the future P will be known to be a
christ|communist|murderer|free software user|... and some
government|churches|militia|... may come after me because I had
dealings with such a person.  But this might also happen because
I am neighbour to P1 or was in school with P2 or even more
problematic, because this christ|communist|devil|free software
user|... might be me.  And especially in the later case I would
be happy if at least freedom loving free software users stand
against inhuman and morally wrong accusations.  Signing a key
means signing a key.  And we should fight for that if anyone gets
in trouble because of it.

Ciao, Gregor
 -... --- .-. . -.. ..--.. ...-.-

More information about the Gnupg-users mailing list