-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi
On Sunday 4 May 2014 at 8:21:24 AM, in <mid:5365ea74.5040...@gmail.com>, NdK wrote: > if I use tsig I'm doing both an "identity" signature and a trust > signature. I see no way I can publicly say "I don't really know > real-world identity of this subject, but I trust him as an introducer" Generally speaking, why would the public need to know if *you* trust him as an introducer? Anyway, if you use "--ask-cert-level" when signing, and tell GnuPG when it asks "I have not checked at all," you will make a "persona" certification. I'm not sure if that works/makes sense with a trust signature, since 0x11 (persona) certifications are generally ignored in WoT calculations. > (yep, might sound strange [*], but often a pseudonym is more meaningful > than RL name, but pseudonyms aren't "good" in WoT): if I tsig his key, > I'm cerifying his pseudonym -- that I shouldn't do since it's not on any > document. Who cares about documentation, so long as you actually know that key is under the control of the entity using that name in conjunction with that email address? Documents can be faked or fraudulently obtained, and certain government agencies in some countries will issue their agents with documents in false names if fact mirrors fiction. - -- Best regards MFPA mailto:2014-667rhzu3dc-lists-gro...@riseup.net Is it possible to be a closet claustrophobic? -----BEGIN PGP SIGNATURE----- iPQEAQEKAF4FAlNmG75XFIAAAAAALgAgaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl bnBncC5maWZ0aGhvcnNlbWFuLm5ldEJBMjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0 N0VDQTAzAAoJEKipC46tDG5p37wD/1fW028NrIGE+pomNM7tSaqEa+T7Pp7RduFt 5esiT2r7DRGTExW1yzR1JXKZbM4C/l3z4wWa8STGgbVzowPApxhmnODYAXOaYEJE nktZ/xheOVc0N6ktri3xW+OY5VnsSA2KSD8nNDbhqkD685kdmpXvFdiFn08MF3R8 SsHIE0ky =30hS -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users