On 3/12/2010 5:33 PM, Robert J. Hansen wrote: > The question isn't whether you can. The question is whether it's wise. The > principle of using one credential to authorize the use of another credential > is about as old as the hills. The ways to exploit this are about as old as > the hills, too.
That actually got me thinking. Aren't keysigning parties based on that model anyway? You have an existing credential - a passport. You then use that credential to verify another - a PGP key. -- erythrocyte _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
