keybase.io
Werner Koch
wk at gnupg.org
Thu Sep 1 10:15:50 CEST 2016
On Thu, 1 Sep 2016 08:34, mirimir at riseup.net said:
> Ensuring that you keep talking to the same key is pretty easy. The
> hard thing is knowing what key is correct for someone who's defined
> only by an online presence. Where you have no WoT overlap. Comparing
You see signed message from someone and over time you build up trust.
Eventually you want to send a mail and the TOFU system will consider
that email/key valid due to the signatures gathered over time.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
/* Join us at OpenPGP.conf <https://openpgp-conf.org> */
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 162 bytes
Desc: not available
URL: </pipermail/attachments/20160901/94b89556/attachment.sig>
More information about the Gnupg-users
mailing list