[Standards-JIG] Re: UPDATED: JEP-0027 (Current Jabber OpenPGP Usa ge)

Jesper Krogh jesper at krogh.cc
Fri Mar 19 05:25:20 UTC 2004


I gmane.network.jabber.standards-jig, skrev Joe Hildebrand:
> > That's why the public-key should be verfied and signed by you 
> > before you trust it. Then you can store the publickey on any 
> > insecure place and trust it anyway. 
> 
>  *If* I have web-of-trust to verify it, yes.  If we have a shared CA, or
>  someone I trust has signed your key.  If not, discovering it from vcard
>  isn't useful.

Sure, but we need someone/thing to sign/verify the keys, otherwise we
can't trust it anyway. 

Jesper

-- 
./Jesper Krogh, jesper at krogh.cc
Jabber ID: jesper at jabbernet.dk





More information about the Standards mailing list