[Standards-JIG] Re: UPDATED: JEP-0027 (Current Jabber OpenPGP Usa ge)

Joe Hildebrand JHildebrand at jabber.com
Fri Mar 19 03:48:04 UTC 2004


> That's why the public-key should be verfied and signed by you 
> before you trust it. Then you can store the publickey on any 
> insecure place and trust it anyway. 

*If* I have web-of-trust to verify it, yes.  If we have a shared CA, or
someone I trust has signed your key.  If not, discovering it from vcard
isn't useful.



More information about the Standards mailing list