On 29/06, Manoj Srivastava wrote: | Actually, the real flaw seems to be that my email assumed that | the protocol was going to be used by people who had a modicum of | inductive reasoning. The outline mentions just one ID in the key | being verified and signed, and I assumed that anyone this concerned | about security would realize that the same needed to be done for evey | ID one needed to verify. Quite obviously I was mistaken in my | assumption.
Well, then why not talk about "id signing" instead of "key signing" which exists but designates a completely different thing that also exists in GPG?
