On 2018-03-11 03:45 PM, Bob Jonkman via talk wrote:
> I do  recommend that the keymaster for a keysigning event generates a
> key specifically for that event.

We tried a formal keysigning party at GTALUG once. It was a lot of work
and I think we extended the Web of Trust by four people.

The WoT assumes that the underlying code and algorithms aren't broken,
which very few people are in a place to verify. They also require that
everyone in the WoT practises the very best key hygiene: people are
fallible; see last year's leak of the private key for Adobe's incident
response team.

Talk Mailing List

Reply via email to