-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi
On Thursday 30 January 2014 at 12:58:44 AM, in <mid:20140130005844.1f0f5b54@steves-laptop>, Steve Jones wrote: > The advantage you have here though is the web of trust. > 1 level 1 signature would probably be not enough, but > 5, 10, 100..? If the signatures are made automatically be email software without verifying identity, where is the web of trust? Lots of such signatures would tie the key to the email address but not to a person. Email addresses, just like phone numbers, may be re-used by a different person today to who used them last year. > There comes a point where you have to > decide that a certain level of security is good enough. That is one of the points of the oft-repeated mantra "It depends on your threat model." - -- Best regards MFPA mailto:2014-667rhzu3dc-lists-gro...@riseup.net Great minds discuss ideas; Average minds discuss events; Small minds discuss people. -----BEGIN PGP SIGNATURE----- iPQEAQEKAF4FAlLqv59XFIAAAAAALgAgaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl bnBncC5maWZ0aGhvcnNlbWFuLm5ldEJBMjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0 N0VDQTAzAAoJEKipC46tDG5pT/8EAI9tSZ3POJC+LVqut0YRQFslGcxTZlROLJUb QLfAwUTb2u0o9sla57Seqpxcop8BV9ypbTS4raPMEOjrL0t/fz5kWb6I9sNguaxf szfcOq2KLwh/KzgaWKJrDEiTPxcQk1skevohts7137E+fGk7I/aBiMqX0AJTvW+8 I56nkmBm =JI5Y -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
