Re: [SLE] Signing pgp/gpg keys [Was: crontab help]

On 11/06/2006 05:58 PM somebody named Carlos E. R. wrote:

The Monday 2006-11-06 at 07:27 -0500, ken wrote:

On 11/05/2006 10:35 PM somebody named Carlos E. R. wrote:
....

If you change
to a new email account and want to prove to me that you are the same
person, all you have to do is send me an email using your current key.

Actually, you can add the new identity to the old key, upload it again to
a key server, and continue using the same key. The same key can have
several ids.

This is true and good to point out. However, it's not required and
might not always be desirable. It might be preferable to keep one's
identities distinct and separate except to select friends.



....

Now the terms "local" and "non-local" (global?) don't describe very well
this usage. Nor do the given "levels of trust". Given the above
purposes, there's no question as to *how much* I trust the signature,
but rather *what* I trust. The local-global dichotomy doesn't address
this manner of trusting, what I would refer to as "personal" or
"identical" trusting. That is, I don't know your date of birth, street
address, phone number, or even if Carlos E. R. is your true name, but I
don't care about those. (Except for your date of birth, all these
details about you could be legally changed anyway.) The only trust
issue here is personal (and I'm using "person" here in its original,
most fundamental sense, from the Latin "per-sonare", to sound through (a
mask), what an actor in a drama did/does), one of the identity of the
one who may wear different "masks". To trust any communication where
the identity of the person we are communicating with is critical, this
manner of trusting is critical, regardless of whether we call it global
or local.

Right again.


Local signing is just a safeguard, so that I don't upload them
accidentally and others import it. Each person might use it for different
purposes, but the idea is to only sign globally or publicly when we can
certify the identity of that person somewhat. That's how I understand it,
at least.


Perhaps my point got lost in the too much explication I posted. It is
that the notion of "levels of trust" implies that keys have a range of
qualities, e.g., moderate, full, ultimate, unrelated to whether they
are, e.g., 1024-bit or 2048-bit. What, then, do the levels of trust
mean and how can we assign a value to a new key on our ring(s)? The
scalars, whether numeric or linguistic, don't correspond to anything in
experience... abstractions I just don't see too much use for. More
useful would be, for example, the ability to designate the name as
"alleged" (as in "the person with this email address says his name is
Jorge") vs. "verified" (as in "I checked his official picture ID and the
name is what he says"). One such Boolean, but experientially concrete
selection would be far more meaningful than an abstract scale with lots
of choices.


--
"It is not knowable how long that conflict would last, it could last,
you know, six days, six weeks. I doubt six months."
--Secretary of Defense Donald Rumsfeld, 2/7/03


--
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-faq@xxxxxxxx

Relevant Pages

  • Re: 2 Men Arrested in Missouri Girls Death
    ... I'm not going to sit here and rip this woman apartbut there was a video clip where she said she didn't trust her husband, ... It could be more along the lines of her not trusting he won't cheat on her or steal money. ... I suppose it could be she suspected that, but I am waiting to hear more about the distrust comment she made before deciding how I feel about her now. ...
    (alt.true-crime)
  • RE: incoming and outgoing trusts
    ... to use User Domain and Resource Domain (Trusting) as it makes it ... It should also be noted that your concept of administering the trust is also ... rights directly to resources. ... authenticated by passing authentication thru to the trusted domain--into the ...
    (microsoft.public.windows.server.active_directory)
  • Re: Using Computers In Trusted Domain, Logons To Trusting Domain Fails
    ... With a 1-way trust established between the trusting and the trusted ... to the trusting Domain fails but using computers in the trusting Domain, ... Using a computer that is joined to the SCS Domain, ... that computer to logon to the GSCSStudents Domain using an account in the ...
    (microsoft.public.windows.server.active_directory)
  • Re: OT No sign of panic buying here...
    ... what would your first reaction be: ... trust them, because they've always told the truth in the past ... The way we're all trusting US intelligence, post-Iraqi-WMDs, concerning ...
    (uk.media.tv.misc)