standardized security levels

Hauke Laging mailinglisten at hauke-laging.de
Mon Oct 14 07:12:15 CEST 2013


Am Mo 14.10.2013, 06:41:25 schrieb NdK:

> What I still couldn't understand is how I can sign a key saying "I'm
> really sure of the owner's identity, but I don't really trust him
> properly handling other signatures"

That is a strange question because normal certifications do not include any 
statement about how much you trust the key's certifications. Two reasons for 
that come to my mind immediately:

1) Public information may create social pressure. Nobody wants "Why don't you 
trust my certifications???" discussions.

2) Why should others care about your assessment in this category?

There is no need for what you want. And AFAIK it is not possible. The closest 
feature to that are trust signatures but they carry positive trust only.


> IIUC your proposal doesn't address that aspect.

That is correct. My proposal does not affect trust.


Hauke
-- 
Crypto für alle: http://www.openpgp-schulungen.de/fuer/bekannte/
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 572 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20131014/250a5c7b/attachment.sig>


More information about the Gnupg-users mailing list