[NZLUG] Getting people to use GPG (was: Email Server)

Rob Connolly rob at webworxshop.com
Wed Jun 19 15:27:17 NZST 2013


On Wed, Jun 19, 2013 at 11:52:09AM +1200, Robin Sheat wrote:
> Rob Connolly schreef op wo 19-06-2013 om 10:45 [+1200]:
> > Of course there is still the question of how much you 'trust' each
> > key.
> > I'm not sure what would happen if there were a path through the Web of
> > Trust from the keys in your GPG database to my key.
> 
> Well, I get "Good signature, can't verify sender" in a yellow bar. This
> is because I have your key, but you have no signatures on it, so you
> might not be you. If there was a path to my key, that bar would be green
> and it'd say something more like "Good signature, sender verified" I
> guess.
> 
> This is the issue with GPG-like systems, I think. Technical people are
> prepared to understand how a web-of-trust system works, but there's no
> reason to expect your average person to. They'll continue writing emails
> on postcards :)
> 
> I'm not sure how you'd go about fixing that, there might be a way
> though.
> 

I guess that means I need to go to/organise a cryptoparty [0] in order
to get it signed by a few people!

Cheers,

Rob

[0] http://cryptoparty.informatick.net/parties/howto

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.nzoss.org.nz/pipermail/nzlug/attachments/20130619/6b0bac80/attachment.pgp>


More information about the NZLUG mailing list