[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: The future will be easy to use

At 15:30 11/28/95 -0500, Carl Ellison wrote:
>BTW -- PGP currently lacks a way for me to note, when I sign a key, how it
>is that I trust that key (by personal meeting, by attribution, by message
>association, ...).  A signed attribute record would let me record that
>information for myself as well as for others.

There is more to this problem than how it is that I trust the key.  There
is also what I trust it for.  I just added a key to my key ring that I will
use for sending confidental data to a client site.  I trust that no one can
access the secret key who is not also inside their firewall.  However, the
key is on a multi-user system, so I do not trust that it is accessable to
only one person.  Since the data I intend to send will be publicly
available inside the firewall, I don't have to trust more than the

It is hard to see how to record the information about how much I trust the
receipent's systems security.


Bill Frantz                   Periwinkle  --  Computer Consulting
(408)356-8506                 16345 Englewood Ave.
[email protected]             Los Gatos, CA 95032, USA