Re: About PGP Signing a File.
- From: John L Fjellstad <john-ubuntu@xxxxxxxxxxxxx>
- Date: Mon, 12 Feb 2007 14:49:16 -0800
Tony Arnold <tony.arnold@xxxxxxxxxxxxxxxx> writes:
It therefore becomes a question of degrees of trust. A document that has
been signed with a key that has also been signed by a number of people
increases that degree of trust, but as you say does not guarantee
authorship. A signature based on a key that has not been signed by
anybody is much less trustworthy.
I don't see how the number of people signing a key makes it more
trustworthy unless you know at least one of the person who signed (and
then you only actually need that one person's signing). A bad guy could
just generate a bunch of new keys to sign the one key you are looking
at.
--
John L. Fjellstad
web: http://www.fjellstad.org/ Quis custodiet ipsos custodes
--
ubuntu-users mailing list
ubuntu-users@xxxxxxxxxxxxxxxx
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
- Follow-Ups:
- Re: About PGP Signing a File.
- From: Tony Arnold
- Re: About PGP Signing a File.
- From: Ouattara Oumar Aziz
- Re: About PGP Signing a File.
- References:
- About PGP Signing a File.
- From: Joel Bryan Juliano
- Re: About PGP Signing a File.
- From: Matthew Flaschen
- Re: About PGP Signing a File.
- From: John Dangler
- Re: About PGP Signing a File.
- From: Tony Arnold
- Re: About PGP Signing a File.
- From: Jeffrey F. Bloss
- Re: About PGP Signing a File.
- From: Tony Arnold
- About PGP Signing a File.
- Prev by Date: Re: firewall
- Next by Date: Re: About PGP Signing a File.
- Previous by thread: Re: About PGP Signing a File.
- Next by thread: Re: About PGP Signing a File.
- Index(es):
Relevant Pages
|
