| Stewart B. Lone on 29 Jul 2005 16:33:42 -0000 |
|
gyoza@comcast.net wrote: I'm curious about the "Validity" field. My key shows "Ultimate" and all others show "Unknown". (Trust is set to "Full" for my key and the others are set to "Marginal".) How is validity determined? Your own key is set to ultimate I would assume because you generated it, and of course you know who you are yourself(your not Napoleon). The other pub keys on your ring you get from a keyserver or an importable armored file. In the case of the list the same people post all the time, and for all that use keys most have uploaded their key to the key server and are downloadable. Any change in their key would be flagged by the program and an opportunity to query the keyserver and download the possible new key given. Ergo, its up to you what level of trust you are giving to each key. Also I believe the program gives an option not to upload your trust choice when you refresh your keys from the server. Again, you would not want to sign an others key unless you have exchanged slips and checked ID in person. I think the "official" position is even if you know or are friends with the other individual, not to sign unless in person checks have been made, on account of the possible "man in the middle" Attachment:
signature.asc ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|