On 27-02-2015 22:30, Christoph Anton Mitterer wrote: > I meant in the sense that I want to trust e.g. Werner's key but haven't > met him in person yet,... but I might have an indirect trustpath to him > via some other persons (which I do trust). > Obviously I'll need any intermediate keys (and enough of them that I > personally decide it's trustworthy).
OR, in case a key belongs to a well-known person, you've seen it mentioned in enough places and seen it used to sign gpg packages to be rather certain that if it were a forgery someone would have noticed by now and made noise about it. After all, if I want to securely communicate witgh the author of GnuPG I want to know if this key belongs to someone calling himself "Werner Koch". If the government knows this person by the same name (that what is known by an ID check) is less of a concern for me, maybe "Werner Koch" is only an artist name. -- ir. J.C.A. Wevers PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users