David Shaw wrote: > I think that last question is irrelevant, as it follows from the > "doesn't trust versions that Phil hasn't worked on", which makes it > derived from a false premise. It does not matter whether Phil has > worked on 7.0 and later, or indeed any version of PGP, because Phil > being involved does not ipso facto cause PGP to be good (for whatever > value of "good" you like).
Warning to all: I am going to be even more blunt and direct than usual. If my usual level bothers you, as I know it does for some people, you may wish to just hit 'delete' and move on. It does if your definition of "good" is "Phil Z. worked on it." I agree that the axiom is crazy, but it doesn't do much good to tell someone "your axiom is crazy, change it" if they're not capable of either (a) understanding why their axiom is crazy or (b) how to apply their new axioms in a consistent way. In my experience it works better to say "well, assuming /arguendo/ that you're right and nothing non-PRZ related should be trusted, why aren't you trusting these things PRZ is involved in?". That gets people thinking logically and critically about how their policy decisions evolve from their axioms. Once they have some experience at critical thinking with respect to trust, then it's time to say "so, if we were going to draft new axioms from scratch, what should they be and why?" I fully agree that the axiom is somewhere between "crazy" and "grossly misinformed." Unfortunately, in my experience the overwhelming majority of users don't understand trust, don't want to understand trust, and run away screaming when asked to think about trust in a logical manner. You have to bring them to rationality slowly and in infinitesimally small doses. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users