Ed - > OK, "friend-of-friend" makes some sense. I just don't completely grasp > the concept of "how much" you should trust a GPG key or signature. > Having read the GPG FAQs more than once, the trust metric still seems > hazy. Or maybe I'm dense. Or perhaps trust is intrinsically a foggy > thing. I have a nasty suspicion that the "dense" option is a likely > scenario. ;-)
Trust is kind of a hazy concept, since trust is something you have to define for yourself for the targeted user. I'd ahve a high trust metric for someone I meet face to face with photo ID and have a history with, and a low trust metric for someone I meet over IM and trade keys with over lunch one day (nothing personal, fellow #trilug'ers). > In any case, if theres a convenient (for you!) way to exchange key > signatures, I'd like to do it. I expect you have my work number - and I'm sure you have my home number in your things. Give me a ring, and we'll establish idenity and trade keys. Obviously, something like this will only work for a pair of people with a history. -- -- Kevin Sonney -- [EMAIL PROTECTED] -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
