> > On Wed, 12 Mar 2003, Henrique de Moraes Holschuh wrote: > > > Well, acceptable for what? NM? It would count towards certifying the M > > > key, > > > but it would not be enough, IMHO. > > http://www.omegasphere.net/ssl/freemail/ may be of use for > > people who wish to prove their identity. Though the page > Not for Debian. Well, I've been in some queue or other for so long that perhaps things have changed, but I know in the past that an email certificate issued by one of the commercial 'trust authorities' was one way to help provide a trust path.
> And anyone signing a gpg key of someone else based on a certificate or > certification of someone else is better off not touching crypto software > ever again. I wasn't suggesting that. I was merely mentioning that there are companies which make there $ verifying peoples' identities (now, in the case of the class 1 certificate I pointed to earlier, it in fact only confirms that a person has use of an email address - a class 2 certificate would be more appropriate for Debian usage). The trust path is between the person who gets the certificate and the person issuing it, so I don't see why you think I was meaning that people should sign a GPG key based on that alone. -- |-----------------------------------------------------------------| | Daniel Dent [EMAIL PROTECTED] If it ain't broke, tweak it! | |-----------------------------------------------------------------| | OMEGASPHERE DOMAIN REGISTRATION SERVICES | | 10 page website, email forwarding, URL forwarding, DNS, & more. | | $10.95 USD/year. http://www.omegasphere.net/ | |-----------------------------------------------------------------|
