[Standards-JIG] Re: UPDATED: JEP-0027 (Current Jabber OpenPGP Usa ge)
jesper at krogh.cc
Fri Mar 19 05:25:20 UTC 2004
I gmane.network.jabber.standards-jig, skrev Joe Hildebrand:
> > That's why the public-key should be verfied and signed by you
> > before you trust it. Then you can store the publickey on any
> > insecure place and trust it anyway.
> *If* I have web-of-trust to verify it, yes. If we have a shared CA, or
> someone I trust has signed your key. If not, discovering it from vcard
> isn't useful.
Sure, but we need someone/thing to sign/verify the keys, otherwise we
can't trust it anyway.
./Jesper Krogh, jesper at krogh.cc
Jabber ID: jesper at jabbernet.dk
More information about the Standards