UI terminology for calculated validities
2014-667rhzu3dc-lists-groups at riseup.net
Fri May 2 15:57:46 CEST 2014
-----BEGIN PGP SIGNED MESSAGE-----
On Friday 2 May 2014 at 3:38:17 AM, in <mid:1570455.5MFBMy4FEj at inno>,
Hauke Laging wrote:
> in my
> understanding you do exactly that: You accept a key for
I see what you mean.
I accept a key for usage by applying a non-exportable signature. But I
neither accept nor reject any claim made or implied about the identity
There is ambiguity in using the word "accept" and that is why I prefer
the word "activate."
> Whether you verify it before is your decision.
What would you verify? For any encrypted mail I send, all that really
matters is the person controlling the email address I am sending to
can read emails that I encrypt to that key. A simple exchange of
messages verifies this.
Other people would have instances where they actually need to be
certain who controls that key. In extreme cases, somebody may even
need to know the person's legal name as recognised by their
> As more than one year has not been enough for me to
> write a certification policy for my new key all my
> certifications are local ones.
That is good. There are an awful lot of certifications out there from
keys for which there is no published certification policy. All of
these are essentially meaningless noise: unless we know what the
signer is claiming, how do we know what do do with their claim?
> I hope you don't
> misunderstand the feature: Local signature is not meant
> as "rather useless signature" but just as "not for the
Well, until/unless you have decided what you want to say, it is not a
good idea to make a public announcement.
> I have local certifications at cerification level 1
> (your case) and 3.
The majority of mine are level 0, even for people I have conversed
with on mailing lists for years. I don't have a single key on my
keyring from anybody I know in real life.
MFPA mailto:2014-667rhzu3dc-lists-groups at riseup.net
The problem is not that we're paranoid;
it's that we're not paranoid enough.
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the Gnupg-users