I *think* Duane's model is that he will issue a cert when some number of PGP signatures have appeared on a PGP key on some PGP server. Duane please correct that if that statement is mistaken.
Nope, basically the website "acts" as the web of trust, people already trusted in the system are able to issue trust to others, usually it takes 3 or more existing trusted parties to enable another to become trusted within the system, so it's still more like PKI in the sense you need an existing trusted party, then simply joe is my friend and we cross sign each others keys. Mind you if you become trusted you can cross sign the 3 peoples keys that trusted you... Least that's the jist of it...
-- Best regards, Duane
http://www.cacert.org - Free Security Certificates http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://happysnapper.com.au - Sell your photos over the net! http://e164.org - Using Enum.164 to interconnect asterisk servers _______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
