On 02/26/2013 06:43 AM, Mark H. Wood wrote: > That service presents a self-signed certificate (I checked), which > means that if you do not already have a copy of that cert. installed in > your browser and marked trusted, then it cannot be verified.
This is not correct. As noted on the web site [0], the public key
associated with the X.509 certificate can be verified through the
OpenPGP web of trust. It is certified by Kristian's own personal key.
If you know Kristian's personal key, you can verify the web site's
certificate on a debian system by using the msva-perl and
xul-ext-monkeysphere and iceweasel packages.
hth,
--dkg
[0] http://sks-keyservers.net/verify_tls.php and
https://sks-keyservers.net/verify_tls.php
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
