The future will be easy to use
Bill Frantz
frantz at netcom.com
Wed Nov 29 18:33:15 PST 1995
At 15:30 11/28/95 -0500, Carl Ellison wrote:
>BTW -- PGP currently lacks a way for me to note, when I sign a key, how it
>is that I trust that key (by personal meeting, by attribution, by message
>association, ...). A signed attribute record would let me record that
>information for myself as well as for others.
There is more to this problem than how it is that I trust the key. There
is also what I trust it for. I just added a key to my key ring that I will
use for sending confidental data to a client site. I trust that no one can
access the secret key who is not also inside their firewall. However, the
key is on a multi-user system, so I do not trust that it is accessable to
only one person. Since the data I intend to send will be publicly
available inside the firewall, I don't have to trust more than the
firewall.
It is hard to see how to record the information about how much I trust the
receipent's systems security.
Bill
-----------------------------------------------------------------
Bill Frantz Periwinkle -- Computer Consulting
(408)356-8506 16345 Englewood Ave.
frantz at netcom.com Los Gatos, CA 95032, USA
More information about the Testlist
mailing list