Hi Mike, I'm writing a blog post about web of trust. I'm looking for any weaknesses I can find in it because I'm writing a piece of software that would be designed to help grow it. I'd appreciate if you could give me a few points that I can research. I'd be happy to send you my findings so far if you want to read them. This is a fairly important subject because many people rely upon it for software signing, encrypted e-mail, and soon we could use it much more widely. I've read the previous thread about web of trust (tor-talk 2010 December) but didn't find it to be particularly relevant. Regards, Javantea 0x1954fed2 On Friday 27 September 2013 14:18:17 Mike Perry wrote: > Hi everyone, > > I've finally made a new GPG key (after a scant 7 years!). > > This new key will be used to sign email from me going forward, and will > be used to sign software releases until such time as I get around to > creating a second set of keys on a hardware token for that purpose. > > While I dislike the Web of Trust for a number of reasons*, my plan is to > cross-certify these two sets of new keys, and also sign both with my old > key. Hence I will not immediately be issuing a revocation for my old > key. > > The new key is attached, and is available on the keyservers (with a > signature from my old key) at: > http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x29846B3C683686CC > > Here's the fingerprint and current subkey information for reference: > pub 8192R/29846B3C683686CC 2013-09-11 > Key fingerprint = C963 C21D 6356 4E2B 10BB 335B 2984 6B3C 6836 86CC > uid Mike Perry (Regular use key) > <mikeperry@xxxxxxxxxxxxxx> sub 4096R/717F1F130E3A92E4 2013-09-11 > [expires: 2014-09-11] > sub 4096R/A3BD8153BC40FFA0 2013-09-11 [expires: 2014-09-11] > > > This message should also be signed by my previous key, which was used > extensively to sign my email and my source code releases prior to today. > > > * Ensuing flamewars about the Web of Trust should reply only to tor-talk.
Description: This is a digitally signed message part.
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsusbscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk