david wrote: > it's a value judgement - that over time, changing conditions may not > reflect the "trust" one had in regard to the person.
This is why signatures can be revoked. > I'm not likely to put trust into systems. Really? You already have. For instance, do you have the capability, right here, right now, to grow or obtain your own food? If not, then you're trusting in your local food distribution system. If it goes out, then you're in a world of hurt. Do you have the capability to obtain potable water? If not, then you're trusting your water system. The question is not _if_ you trust, but _who and what_ you trust, and whether that trust will be a blind trust or an examined trust. Blind trust tends to get people in a lot of trouble; examined trust lets you prepare for what happens if and when that trust is breached. There's a reason why I have three days of MREs and ten liters of drinking water in my pantry. I trust food distribution and I trust my water system. And it's because of that trust that I have backups. On balance, I think it is better to practice examined trust than unexamined trust. But that said... I am an advocate of trust. > or (it just struck me) that I may want to compromise some one > (shudder) Compromise means you have failed to uphold your publicly stated policy. If people are able to put you in a position where you have to compromise your policy, that should be the cause for some soul-searching about where you erred in your policy. If your policy is, "I will divulge communications if required to by a court, or if necessary to prevent lawless action, or to save human life," and you go out and do just that -- that's not a compromise at all. > where are we now then? a small group of people that's fairly secure If by "secure" you mean "my system is not compromisable and my communications cannot be intercepted," then none of us are secure. None of us are even fairly secure by that standard. Generally speaking, GnuPG gives excellent protection against one particular part of the communications security profile. It is not a comprehensive solution. If my system is secure and my communications are uncompromised, it is only because I have not yet risen to the notice of those who have the power to change it, while I have simultaneously put myself beyond the likely reach of amateurs. To the extent there is a "fairly secure" worth talking about, that's it. IMO, that's not "fairly secure" at all. It's best to keep a sense of proportion about these things, and not to fall into a false sense of security. _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
