-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Monday 2006-11-06 at 15:27 +0100, Jos van Kan wrote:
But that's sufficient isn't it? For all I know you're the best Carlos E. R. impersonator thus far known to me, but what I'm sure of by your signature it'sthe *same* impersonator everytime. That's all I need to know.
Yes, that's correct :-)
But you can not certify to anybody that I'm really named Carlos E. R ;-)
But if your real name were Gandalf the Grey, what difference would that make?
Not much, for our purposes. In other contexts, more serious, it might.
It's a different kind of trust.
Even if I meet you in person I trust that you tell me your real name. I can't remember *ever* having asked to look at the passport of someone introduced to me. :-)
:-) In theory, you would have to before signing somebody else's key. That's the weak point of pgp signing, there is no central "trusted" authority certifying identities. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFFT7p6tTMYHG2NR9URAtd+AJ9YGE4t3/FJt6pRo0ogobh4T6Q/XwCfT9cA BrMMuoyRBWaiXIyvDd55oCk= =s/dc -----END PGP SIGNATURE-----