[NZLUG] Getting people to use GPG (was: Email Server)

Robin Sheat robin at kallisti.net.nz
Wed Jun 19 11:52:09 NZST 2013


Rob Connolly schreef op wo 19-06-2013 om 10:45 [+1200]:
> Of course there is still the question of how much you 'trust' each
> key.
> I'm not sure what would happen if there were a path through the Web of
> Trust from the keys in your GPG database to my key.

Well, I get "Good signature, can't verify sender" in a yellow bar. This
is because I have your key, but you have no signatures on it, so you
might not be you. If there was a path to my key, that bar would be green
and it'd say something more like "Good signature, sender verified" I
guess.

This is the issue with GPG-like systems, I think. Technical people are
prepared to understand how a web-of-trust system works, but there's no
reason to expect your average person to. They'll continue writing emails
on postcards :)

I'm not sure how you'd go about fixing that, there might be a way
though.

Robin.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://lists.nzoss.org.nz/pipermail/nzlug/attachments/20130619/5e076a4d/attachment.pgp>


More information about the NZLUG mailing list