[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: The future will be easy to use

At 03:30 PM 11/28/95 EST, Carl Ellison <[email protected]> wrote:

>BTW -- PGP currently lacks a way for me to note, when I sign a key, how it
>is that I trust that key (by personal meeting, by attribution, by message
>association, ...).  A signed attribute record would let me record that
>information for myself as well as for others.

That would be a useful feature, even if it's just an unstructured text file.
There is a way to do it now, though it's inefficient and hokey -
create multiple key-signing keys, with name fields indicating the attribute,
sign them with your main key, and use the appropriate one of them to
sign keys for people.  For instance, I have a key named
"Bill Stewart Unauthenticated Pseudonym Signing Key <[email protected]>"
which I use to sign keys of significantly lower trust than my normal key;
you could do similar things for higher-quality certification.
This does increase the depth of the web-of-trust required, which is less
of a problem for low-trust keys than for keys you actually care about :-)
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, [email protected]
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281