incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Noah Slater <>
Subject Re: key signing
Date Wed, 10 Oct 2012 21:11:52 GMT
On Wed, Oct 10, 2012 at 3:20 PM, Ted Dunning <> wrote:

> I have friends who live far away.  I know them well.  I don't know their
> key fingerprint.
> If we send emails or if we text back and forth I  not clear that it is
> them.  If I have a video conference and the hold up the fingerprint I know
> it is them.

This is not an applicable user story for Apache, though. We're not all long
distance pen palls who used to know each other in real life. As Shane
points out, the important thing is that we can establish email and key
ownership. I still contend that actually being able to say the person who
controls this email and this key happens to have some ID proving their IRL
identity. Perhaps that is not important for Apache. But for the WoT in
general, it certainly seems to be the case.


  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message