On Thu, 16 Feb 2017 15:31, tliko...@iki.fi said:
>> please be aware that if you switch from "trust-model direct" to
>> "trust-model tofu+pgp", then your previous assignments of "trust" will
>> transform into indications of "ownertrust".
>
> That has been my assumption. Thanks for verifying.
I'll
Daniel Kahn Gillmor [2017-02-15 13:46:13-05] wrote:
> right, so your use of "trust-model direct" switches the meaning of the
> "trust" flag from its usual "ownertrust" semantics to be what we'd
> normally call "validity".
>
> Note also that when you mark a key itself as "trusted" in this way,
>
On Wed 2017-02-15 11:54:51 -0500, Teemu Likonen wrote:
> That makes things very simple, in a way. I use "trust-model direct" and
> do some checking in web pages or check consistent use of signatures. If
> the key seems ok I'll "--edit-key", type "trust" and assign marginal or
> full trust for that
On 2017-02-15 10:33 AM, Kristian Fiskerstrand wrote:
>> How do you do that? Is there a type of sub-key you use?
>>
> No, just a completely separated primary key with C capability, no
> subkeys and is never published anywhere, rotated regularly to issue
> lsigns for short term use
Ah, that makes
Didrik Nordström [2017-02-14 19:02:08-08] wrote:
> How do you handle key management? Let's say you just want to send a
> signed and encrypted email once to someone who announced their pubkey
> over https? What type of trust would you assign?
I don't personally know anybody who uses gpg. Even if
On 02/15/2017 03:27 PM, Adam Sherman wrote:
> On 2017-02-15 06:51 AM, Kristian Fiskerstrand wrote:
>>> Do I need access to my master key in order to expand my web of
>>> trust? This seems like quite a restriction.
>> Yes, although you can generate a local CA key to use for this purpose
>> for
On 2017-02-15 06:51 AM, Kristian Fiskerstrand wrote:
>> Do I need access to my master key in order to expand my web of
>> trust? This seems like quite a restriction.
> Yes, although you can generate a local CA key to use for this purpose
> for short term validity considerations used for local
On 15/02/17 13:34, Peter Lebbing wrote:
> I've written a bit about ownertrust for the keysigning party we held
> last December:
Additionally, this topic is also briefly covered in the FAQ[1], which is
an up-to-date and maintained piece of documentation. The
The GNU Privacy Handbook[2] also
On 15/02/17 04:02, Didrik Nordström wrote:
> I wanted to send an email to a new contact (a bug report to a software
> project) so I added the public key and assigned it "Fully trusted" (4).
In addition to Kristian's answer, let me clarify:
"Ownertrust" is your assessment of how much you want to
On 02/15/2017 04:02 AM, Didrik Nordström wrote:
>
> So.. Do I need access to my master key in order to expand my web of
> trust? This seems like quite a restriction.
Yes, although you can generate a local CA key to use for this purpose
for short term validity considerations used for local
Hi, I am new to using PGP in general, but fairly confident in the
cryptographic primitives and the overall concepts. I have issued a master
key on cold storage, and subkeys on my primary machine (one with encryption
and one with signing privileges).
I wanted to send an email to a new contact (a
11 matches
Mail list logo