On Tuesday 25 March 2003 00:22, Jeroen van Gelderen wrote: > On Monday, Mar 24, 2003, at 22:32 US/Eastern, bear wrote: > > On Mon, 24 Mar 2003, Jeroen C. van Gelderen wrote: > > > >> It's rather efficient if you want to sign a large number of keys of > >> people you mostly do not know personally. > > > > Right, but remember that knowing people personally was supposed > > to be part of the point of vouching for their identity to others. > > Not that I heard of. I always understood that I should be 'convinced' > of the identity and willing to state that to others.
Well, that's a surprise to me! My understanding of the PGPid signature was that the semantics were loose, deliberately undefined. And, within that limitation, it came down to "I met this guy, he called himself Micky Mouse." I've only been to one key signing event, and no identity was flashed around that I recall. So, do we have two completely disjoint communities here? One group that avoids "photo id" and another that requires it? Or is one group or the other so small that nobody really noticed? I'm curious, is all! > Yes. But PGP doesn't mandate either interpretation. That is what you > use your trust knobs for: you decide on a per-user basis how > trustworthy an identity certification from that user is. The redundancy > of a well-connected WoT then helps you a bit in eliminating simple > errors. Um. So, there are people out there that I am convinced are who they say they are. They happen to be nyms, but I know that, and they are consistent nyms. Can I sign their key with the highest level? -- iang --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]