UI terminology for calculated validities
2014-667rhzu3dc-lists-groups at riseup.net
Wed Apr 23 21:32:27 CEST 2014
On Tuesday 22 April 2014 at 11:38:36 PM, in
<mid:5356EF6C.30201 at fifthhorseman.net>, Daniel Kahn Gillmor wrote:
> Did you see my two proposals at the end
> of my note about ways it could be improved if anyone
> has time and effort to put into it? The "same owner if
> both assert the same user ID" fix might be the
> least-fiddly one, which would catch a large fraction of
> the cases in question.

Would it be feasible to have a signature notation for use when
signing other keys you own, that could potentially be parsed by
GnuPG? It would have to be reciprocal to prevent abuse.

Say a user has two keys, 0x0123456789abcdef and 0xfedcba9876543210. I
propose each key could sign the other with a signature notation
siblings-0x0123456789abcdef-0xfedcba9876543210@example.org.

If there were more than two keys it could be extended, or maybe each
pair would have to cross-sign. When GnuPG encountered "siblings" from
the same set that had cross-signatures with this notation, the
"family" could be counted only once in trust calculations.

MFPA mailto:2014-667rhzu3dc-lists-groups at riseup.net
Did you hear? They took the word gullible out of the dictionary
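
The counting rule proposed in the message above, as an added Python example that is not part of the original post and does not describe existing GnuPG behaviour: certifiers joined by a reciprocal "siblings" notation count as one family, and a one-sided claim is ignored. The tuple model of certifications, the function names and the key IDs C, M and T are assumptions made for the example.

```python
import re

# Notation name as proposed in the message: siblings-<keyid>-<keyid>[-...]@domain
NOTATION = re.compile(r"^siblings((?:-0x[0-9a-f]{16}){2,})@[a-z0-9.-]+$")

def sibling_ids(notation):
    """Key IDs named in a siblings notation; empty set for anything else."""
    m = NOTATION.match((notation or "").lower())
    return frozenset(m.group(1).split("-")[1:]) if m else frozenset()

def family_finder(certs):
    """Return find(key) -> family representative, merging only reciprocal claims."""
    claims = {(s, t, sibling_ids(n)) for s, t, n in certs}
    parent = {}
    def find(k):
        parent.setdefault(k, k)
        while parent[k] != k:
            parent[k] = parent[parent[k]]  # path halving
            k = parent[k]
        return k
    for s, t, ids in claims:
        # Signer and signee must both be named in the notation, and the
        # reverse certification must carry the same sibling set.
        if s != t and {s, t} <= ids and (t, s, ids) in claims:
            parent[find(s)] = find(t)
    return find

def count_certifiers(target, certs):
    """Number of distinct families that have certified `target`."""
    find = family_finder(certs)
    return len({find(s) for s, t, _ in certs if t == target})

# Constructed sample data: (signer, signee, notation). A and B are the key IDs
# from the message; C, M and T are made up for this example.
A, B = "0x0123456789abcdef", "0xfedcba9876543210"
C, M, T = "0x1111111111111111", "0x2222222222222222", "0x9999999999999999"
SIB_AB = f"siblings-{A}-{B}@example.org"
SIB_MC = f"siblings-{M}-{C}@example.org"
CERTS = [
    (A, B, SIB_AB), (B, A, SIB_AB),  # reciprocal: A and B form one family
    (M, C, SIB_MC),                  # one-sided claim by M: ignored
    (A, T, None), (B, T, None), (C, T, None), (M, T, None),
]

if __name__ == "__main__":
    print(count_certifiers(T, CERTS))
```

Four keys certify T here, but A and B collapse into one family while M's unreciprocated claim on C changes nothing, so T has three independent certifiers.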