From:                   Werner Koch <[EMAIL PROTECTED]>
> You need to clarify the trust model.  The OpenPGP
> standard does not define any trust model at all.  The
> standard merely defines fatures useful to implement a
> trust model.

"Clarifying the trust model" sounds suspiciously like
designers telling customers to conform to designer
procedures.  This has not had much success in the past.

People using PGP in practice verify keys out of band,
not through web of trust.

People using https tend to click through. 

         James A. Donald

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to