WoT question - policy

Stefan Claas stefan.claas at posteo.de
Fri Nov 16 00:53:23 CET 2018

On Fri, 16 Nov 2018 00:40:11 +0100, Dirk Gottschalk wrote:

Hi Dirk,
> Am Donnerstag, den 15.11.2018, 23:41 +0100 schrieb Stefan Claas:

> > You make a very important point, which i thought also about and
> > that is my little approach for covering my a*#. I would strongly
> > assume that law enforcement would also check a sig0 user,
> > regardless of policy or not, if something happens to a key owner,
> > or if i sign with sig0 a key on a key signing party, where i also
> > don't know that the person who attended is a good or bad person with
> > a real or fake id. I am totally unable to distinguish  between a
> > real or fake id nor do i know if a person is good or bad if i would
> > attend such a key signing party.  
> That was a bad example. But you see what I meant. Signature levels
> imply in some cases the assumption that it is related to the relation
> of people whether it's right or wrong.

No, no... this absolutely no bad example, regardless of sig level!

I wish that more users on the Mailing List would participate in this
discussion and critic or comment my policy. I would also very much
appreciate a proper formulated policy of mine, from a native English
speaker. Regardless whether he / she likes my policy, or not!

> There's documentation about the trustdb. I read it a while ago, but
> not entirely. You can also set the amount of needed signatures for the
> trust calculations and so on. Then comes the trust deepness into play.
> I also have to read further because I want to "abuse" GnuPG for an
> email controlled bot system inside a bigger company as part of the
> security concept. The commands shall be encrypted and signed and some
> function should be usable by "unknown" users with the needed trust
> level and so on.

Sounds interesting! I will check the docs, thanks!

I must say good night now because it is already late! ;-)


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: Digitale Signatur von OpenPGP
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20181116/cc7d06a2/attachment.sig>

More information about the Gnupg-users mailing list