trust your corporation for keyowner identification?
peter at digitalbrains.com
Thu Oct 24 20:52:10 CEST 2013
On 2013-10-24 19:27, Stan Tobias wrote:
>> Because these are verifications outside the Web of Trust.
> Is that the only requirement?
*Sigh*. No, it's the other way around. The Web Of Trust should never be
a basis for your signature, because anyone else can simply trust the
people who already made signatures to make keys valid, and you only
muddle the view when you sign keys without verifying someone's identity.
But I get the sense I'm not coming through to you, so maybe we can just
agree to disagree, or at least agree to not understand eachother. I get
the sense I've made my point already and I'm just rehashing old material
> allow me some time for answering other parts,
Sure, if you like to. I never pressed you for an answer anyway. You
don't have to convince me; I'm quite happy being stubborn.
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at
More information about the Gnupg-users