Re: Seahorse Trust Model revisited



Yes, this is how this should be expected to work.

If I have checked that the key belongs to "dude1" I should sign the
key (checking that dude1 is who he says to be). This is completely
independient of the trust taht dude1 gives me on how he checks other
people keys before he signs them.

This way, the 'I have checked this key belong to...' should sign the
key, warn about you have to actually check it and then set how
carefully they checked the id. Perhaps, at sign dialog, there should
be an option to make the signature local (or even better, the other
way around, make the signature exportable)
On the other hand is the trustness on a dude. You do not trust the key
(that's done 'automagically' by gnupg using signatures), you trust how
the dude behaves on signing other people's keys. That's why trust is
not exported to gnupg servers, but key signatures are.

On Wed, Apr 30, 2008 at 5:12 PM, Adam Schreiber <sadam clemson edu> wrote:
[...]
>
> I no longer agree with this model and believe it's causing problems
> with other programs that use GPG.  [1][2]
>
> The first check box 'I have checked that this key belongs to '%s''
> should result in a signature along with grading how carefully they
> checked the papers.  Maybe a sensible default is to say they
> marginally checked.
>
> The second check box 'I trust signatures from '%s' on other keys'
> should result in a marginal trust level being set on the key.
>
> The sign button should be removed.
>
> Comments and thoughts?
>
> Cheers,
>
> Adam
>
> [1] http://mail.gnome.org/archives/seahorse-list/2008-February/msg00000.html
> [2] http://bugzilla.gnome.org/show_bug.cgi?id=435278
> _______________________________________________
> Seahorse-list mailing list
> Seahorse-list gnome org
> http://mail.gnome.org/mailman/listinfo/seahorse-list
>



-- 
José Carlos García Sogo
 jsogo debian org


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]