Thursday August 07, 2008 Random ramblings
Thursday August 07, 2008 PGP: Signing policy update / Please sign my photo UID
Couple of PGP things:
- I've updated my signing policy.
It's not terribly consistent though, and I'm still not quite sure where I stand on signing keys on nothing more than a cursory examination of governmental ID (i.e. people at key-signing events whom I don't know personally), so I'm not very happy with it. I'm much more comfortable signing keys of people I've known and interacted with over a period of time, and even more so when I know others who've done same - even if I've not seen an ID.
Some may wonder why I would sign keys on the basis of my level-1/Low policy, but the concept of "web of trust" implies additive trust (potential for at least), so even a "not much confidence" signature ought to be of value to the WoT.
- I've added a photographic UID to my public key (yeah, horrible photo
).
If you can attest to that being a good likeness of me and have good reason to believe it's my key, please do sign that new UID. (Also, what's with people who sign only one UID on a key? I've no control over the order of UIDs, I think, so its always a less favoured UID that gets signed in such cases - arg!
).
Trackback URL: http://blogs.sun.com/paulj/entry/pgp_signing_policy_update_please
Comments:
Post a Comment:
