Henrik Ahlgren <[email protected]> writes: > Peter Gutmann <[email protected]> writes: > >> Does anything actually use the cobweb of trust, or do you just assume the key >> you've got is good because doing anything else is too hard? > > Perhaps the Debian developer keyring would serve as a compelling > example? They even organize actual key-signing parties, which many > cryptography experts today appear to regard as "LARPing" or otherwise > ridiculous.
Or the Linux kernel [1]. Collin [1] https://www.kernel.org/doc/html/v6.19-rc2/process/maintainer-pgp-guide.html#using-the-kernel-org-web-of-trust-repository
