On Thu, 2015-03-26 at 03:32 -1000, Phillip Hallam-Baker wrote:
By Web of Trust I mean actually following a chain to check a key.
Okay, probably we were using different understandings of "Web of Trust".
Admittedly I used it a bit wrong either, typically I mean a fully
meshable relation system, which allows basically anything what the user
want's to do:
- from the classic WoT, where trust is achieved indirectly (which I
still think is important, e.g. in communities like Open Source projects,
or for people who'd have gazillions of contact partners (Linus))
- the direct mutual signing, for best security/trust
- something more similar to X.509, e.g. via trust sigs.
No, I think there are quite a few things that we can do today that
change the WoT game. People carry smart phones with near field
communication, barcode, cameras. So signing can be made a lot simpler.
Well I guess that should be free to the user what he actually wants to
I personally wouldn't really trust anything a smartphone did. ;)
But this seems to be anyway pretty much out of the scope of the
Description: S/MIME cryptographic signature
openpgp mailing list