UI terminology for calculated validities
2014-667rhzu3dc-lists-groups at riseup.net
Sat Apr 26 13:03:14 CEST 2014
-----BEGIN PGP SIGNED MESSAGE-----
NotDashEscaped: You need GnuPG to verify this message
On Friday 25 April 2014 at 5:38:15 AM, in
<mid:1619717.pObFgkP320 at inno>, Hauke Laging wrote:
> a) You always want to use fingerprints instead.
> b) You do not need any reference to a key anyway
> because it is absolutely clear which keys this
> statement refers to if one key signs another.
I take your point, but would prefer such a fundamental statement about
shared genesis of multiple keys to reference those keys directly.
After all, as well as claiming "this other key is also mine"
(corroborated by cross-signing), you would also be indicating your
intention that your set of keys should be treated as one key for the
purpose of trust calculations. It needs to be as deliberate and
explicit as reasonably possible, with room for error minimised.
> c) I would like to handle that with an generic
> notation. I see a strong need for an expression about
> the relation of the signer to the owner of the signed
> key. It makes a big difference whether I say "This is
> some foreigner which has shown me some ID (see
> separate notation for details)" or "This is my
I can see the point of differentiating between a certification on the
key of somebody you actually know and on the key of somebody you don't
know but checked id. But I agree with DKG that "This is my
sister/neighbour/work-colleague/friend-since-childhood" etc is too
much information that could backfire on people.
MFPA mailto:2014-667rhzu3dc-lists-groups at riseup.net
There is no snooze button for a cat that wants breakfast
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the Gnupg-users