
Re: pgp signing in van

2013-09-08 16:34:09

I have removed the attribution of this comment on purpose, because it applies
to multiple people, and I want to attack a behaviour, not a person:

    >> This is what I mean by "a high bar."   Signing someone's PGP key should mean
    >> "I know this person as X," not "this person is X."

    > Dilution of trust is a problem with PGP. "I know this person as X" is way too
    > lax if you want the system to scale.

Frankly, this is an example of pseudo-security “uphill and in the snow both
ways” that has meant that, 20 years after S/MIME and PGP, almost nobody
uses this stuff, even for the most elementary of things.

Remember: "better is the enemy of good enough".

To all the people who posted to this thread about how they don't know what
a PGP key signature means, and who did not PGP or S/MIME their email:
    Stop getting in the way.
    This is how an NSA mole would derail things: claim it needs to be better

--
Michael Richardson <mcr+IETF(_at_)sandelman(_dot_)ca>, Sandelman Software Works


Attachment: pgp5GRKIONrzp.pgp
Description: PGP signature
