trust paths

Johan Wevers johanw at vulcan.xs4all.nl
Sat Feb 28 18:39:33 CET 2015


On 27-02-2015 22:30, Christoph Anton Mitterer wrote:

> I meant in the sense that I want to trust e.g. Werner's key but haven't
> met him in person yet,... but I might have an indirect trustpath to him
> via some other persons (which I do trust).
> Obviously I'll need any intermediate keys (and enough of them that I
> personally decide it's trustworthy).

OR, in case a key belongs to a well-known person, you've seen it
mentioned in enough places and seen it used to sign gpg packages to be
rather certain that if it were a forgery someone would have noticed by
now and made noise about it.

After all, if I want to securely communicate witgh the author of GnuPG I
want to know if this key belongs to someone calling himself "Werner
Koch". If the government knows this person by the same name (that what
is known by an ID check) is less of a concern for me, maybe "Werner
Koch" is only an artist name.

-- 
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html




More information about the Gnupg-users mailing list