trust paths
Johan Wevers
johanw at vulcan.xs4all.nl
Mon Mar 2 22:16:35 CET 2015
On 01-03-2015 13:27, Jonathan Schleifer wrote:
> You are assuming it will be spoofed for everyone. It could just
> be spoofed for you. Anybody who can MITM you and give you a fake
> SSL cert that you accept
Well, perhaps they could if the ONLY way I communicated wit someone
would be electronically. I usually discuss sensitive matters with people
I know personally, so I could compare key ID's when I meet the other in
person. No way to spoof that.
That might not work when whistleblowing to a reporter I don't know
personally bu then, I would either first talk to him personally or
remain completely anonymous.
--
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html
More information about the Gnupg-users
mailing list