On Sat, Mar 1, 2008 at 11:46 AM, Richard Hartmann <[EMAIL PROTECTED]> wrote:
> On Fri, Feb 29, 2008 at 6:40 PM, Brian Smith <[EMAIL PROTECTED]> wrote:
> >
> > > The basic assumption is that a key signing is good and that
> > > you actually gain something from it.
> >
> > That is the assumption that I am challenging.
>
> You are not challenging the assumption, you are attacking the
> implementation :)
Well, let me attack this problem from another position. :-)

I think we need to remember what the purpose of a signature on an OpenPGP key is. It is there, first and foremost, to tell the computer "Yes, you should be happy encrypting to this key", for the purpose of avoiding Man in the Middle attacks. (And - as an aside - the purpose of OpenPGP is to make email and other electronic communication on the internet more secure.)

One of the early mistakes I think the _documentation_ of PGP made was to suggest that one day we might all live in a world where keys would be selected automatically from keyservers, with no effort on the part of the user, and with almost total security. It is with such a dream in mind that people set up key servers, go to key-signing parties and the like, and start worrying about how many passports they need to see before they sign a key.

Actually, such a world is probably not possible. But for private users, most of the time, the most important thing is still to check the fingerprint of the key with the intended recipient of secure communications. It is, actually, simple.

But that does not mean the web of trust is useless - far from it. OpenPGP lets you represent all sorts of trust models: you can choose to trust the root key of a company, university or computer software project, and thereby "trust" all of the people involved in that organisation, for example.

But I've never been convinced that the search for the "right" level of id to demand before signing a key is right, nor that going to random keysignings is very useful. OpenPGP can only represent "trust" that already exists. And the truth of the matter is that if I have just met a chap in a bar, I am unlikely to "trust" him to sign any more keys for me, no matter how much he tells me he always looks at passports. So even if I signed his key, I probably wouldn't then trust him to sign other keys that I depended upon.

Sorry - that was rather more than I meant to write.
Take home message: use OpenPGP to represent "trust" relationships that make sense for your situation, and don't worry about an ideal standard, because one doesn't exist, shouldn't exist, and probably couldn't ever exist. ;-)

(I am reminded of this cartoon: http://xkcd.com/386/ )

Best,
N

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
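The distinction the post draws, that signing a key makes it valid but does not make its owner a trusted introducer, is exactly how GnuPG's classic trust model computes key validity. As an added illustration (this is constructed example code, not anything from the post or from GnuPG), the toy model below applies GnuPG's default rules (completes-needed=1, marginals-needed=3, max-cert-depth=5) to a small keyring with made-up fingerprints, including the "trust the organisation's root key" and "chap in a bar" scenarios.

```python
from dataclasses import dataclass, field

@dataclass
class Key:
    """One OpenPGP key: who has certified it, and the ownertrust that the
    *local* user assigned to its owner as an introducer (not part of the key)."""
    fpr: str
    ownertrust: str = "unknown"                      # unknown | marginal | full | ultimate
    certified_by: set = field(default_factory=set)   # fingerprints of certifying keys

def compute_validity(keys, completes_needed=1, marginals_needed=3, max_depth=5):
    """Return the set of fingerprints that are VALID for the local user.

    A key is valid if it is ultimately trusted, or if it carries certifications
    from enough introducers. A key counts as an introducer only when it is itself
    already valid AND the local user gave it ownertrust; being signed by us never
    grants that by itself. Validity propagates one level per iteration, so the
    loop bound models max-cert-depth."""
    valid = {fpr for fpr, k in keys.items() if k.ownertrust == "ultimate"}
    for _depth in range(max_depth):
        newly_valid = set()
        for fpr, key in keys.items():
            if fpr in valid:
                continue
            introducers = [keys[s] for s in key.certified_by if s in valid]
            full = sum(k.ownertrust in ("full", "ultimate") for k in introducers)
            marginal = sum(k.ownertrust == "marginal" for k in introducers)
            if full >= completes_needed or marginal >= marginals_needed:
                newly_valid.add(fpr)
        if not newly_valid:          # nothing changed at this depth: fixed point
            break
        valid |= newly_valid
    return valid

def example_keyring(trust_bar_guy=False):
    """Constructed keyring with fake fingerprints mirroring the post's scenarios."""
    return {
        "ME":       Key("ME", "ultimate"),
        # I chose to trust a university's root key, so keys it certifies become valid.
        "UNI_ROOT": Key("UNI_ROOT", "full", {"ME"}),
        "STUDENT":  Key("STUDENT", certified_by={"UNI_ROOT"}),
        # I signed the bar chap's key; whether he may vouch for others is a separate choice.
        "BAR_GUY":  Key("BAR_GUY", "full" if trust_bar_guy else "unknown", {"ME"}),
        "CAROL":    Key("CAROL", certified_by={"BAR_GUY"}),
        # Three marginally trusted party-goers together satisfy marginals-needed=3.
        "P1": Key("P1", "marginal", {"ME"}), "P2": Key("P2", "marginal", {"ME"}),
        "P3": Key("P3", "marginal", {"ME"}),
        "DAVE":     Key("DAVE", certified_by={"P1", "P2", "P3"}),
    }
```

With the default keyring, BAR_GUY is valid (I signed him) but CAROL is not; flipping `trust_bar_guy=True` is the ownertrust decision that would make her key valid.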