On Feb 28, 2011, at 12:01 PM, Robert J. Hansen wrote: > On 2/28/11 9:12 AM, David Shaw wrote: >> In this particular case, though, key signatures aren't even necessary >> - RM just needs to prove that he is the same entity that signed the >> other messages to the list. That is, he's "real" in the sense that >> he is the Martin that the list knows and has been conversing with. > > That depends a lot on what those prior conversations are. If I've built > up trust in RM because I think he's been up-front and candid, and FM > comes along and presents a credible threat to RM's identity, then yes, I > have to revisit my trust decision in RM: I can no longer be confident > he's been up-front and candid.
Well, I suppose that's up to you whether you want to trust RM or not. A question on trustworthiness is outside crypto, and not what the discussion was about here in any event. David _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
