protecting pub-keys from unwanted signatures
Robert J. Hansen
rjh at sixdemonbag.org
Sun Aug 16 23:26:15 CEST 2015
> What other people do says nothing about me, and everything about
> them.
Except that 99% of people who see that signature will think you have an
association with white supremacists.
Should they? No.
Will they? Yes.
The average person doesn't have a formal/mathematical model of trust and
what it means. They have a loose, poorly-specified understanding, like
"only sign certificates of people you know well." This leads them to
thinking, "well, this white supremacist group must know Chris well".
That's a false inference, but it's one a *large* number of people draw.
> On popular keys, such as Facebook's, or any other public figure,
> there are going to accumulate signatures that aren't a part of
> anybody's Web of Trust. Until such time that these signatures can
> constitute a genuine threat to the Web of Trust, they're irrelevant.
So you're now changing your statement: signatures *don't* always
strengthen the WoT -- a large number of them are irrelevant. This is
much closer to reality.
More information about the Gnupg-users
mailing list