* Re: [gentoo-dev] Keysigning at LWE
@ 2003-07-30 20:22 99% ` Patrick Kursawe
0 siblings, 0 replies; 1+ results
From: Patrick Kursawe @ 2003-07-30 20:22 UTC (permalink / raw
To: gentoo-dev
[-- Attachment #1: Type: text/plain, Size: 1008 bytes --]
On Wed, Jul 30, 2003 at 08:59:12PM +0200, Sven Vermeulen wrote:
> Another way of keysigning is to have a dedicated time to do so.
>
> First, all ppl mail their pubkey and fingerprint to a general person who puts
> them online before the meeting.
>
> On the meeting (at the dedicated time) all ppl are named and show their
> fingerprint to the rest of the room (through a whiteboard or a projection).
Yes. That's the way keysigning is usually organized, and it makes sense.
I think "trust the guys at the booth and sign what they told you to sign"
is just quite exactly _not_ what the web of trust is meant to be.
Signing should allow you to see, not just to guess who actually verified
which ID.
Signing a key means verifying identity. Who trusts who is a different
kind of matter, and it's not just for fun GPG provides trust values
for keys. So I would recommend doing it the way Sven proposed -
or let the guys at the booth sign keys of visitors and vice versa.
Bye, Patrick
[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [relevance 99%]
Results 1-1 of 1 | reverse | options above
-- pct% links below jump to the message on this page, permalinks otherwise --
2003-07-30 15:35 [gentoo-dev] Keysigning at LWE Corey Shields
2003-07-30 15:40 ` Patrick Kursawe
2003-07-30 16:46 ` Fred Van Andel
2003-07-30 17:24 ` Corey Shields
2003-07-30 18:59 ` Sven Vermeulen
2003-07-30 20:22 99% ` Patrick Kursawe
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox