[Enigmail] Setting trust levels for unknown keys
Faramir
faramir.cl at gmail.com
Thu Apr 30 10:58:18 PDT 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Ayush Sharma escribió:
> Hi Robert and everyone else!,
>
> Robert J. Hansen wrote:
...
>> Their policies and procedures are one thing -- but how do you know that
>> the policies and procedures they list are the same as what they actually
>> _do_?
>>
> I have absolutely no idea about this stuff Robert (or shall I use Mr.
> Hansen?), but just asking, shouldn't CACert go through some kind of
> "stringent" (LOL) tests to ensure that it doesn't goof up down the road,
> something like it does "what it should" with a success rate more than
> some threshold limit, before it gets recognized by browsers as a
> trustworthy Root CA by default (and I guess that's why it's NOT accepted
> to date by firefox), while Thawte is.
Yes, I think that's the point of the auditory in progress. However,
IMHO, the weakest link will always be the need to rely on decentralized
people to check identities of new members... but Thawte operates the
same way (at that point, I don't refer to the centralized part of the
processes), so...
Best Regards
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQEcBAEBCAAGBQJJ+ea6AAoJEMV4f6PvczxAAOwH/AlfwQbjVePFOR+vGqsUrAR2
JNs0QLG/HbIn1oIlXmML1tc15b/8CiUwr5Wb2LEfyEG21zuMvSFSW+ZoMbsw1tQR
4IECYS+0cielsmXMamrDuMuiKlfSssi4bEO2oVRHrL/Lil3P7H/GLUKAiTkLnziP
b+8EjcS/gb3ajV++Chk9h2ffpWGSQ9jV1MPyR/Rr5YIIjs4wOB9i0JS42QKY3Zml
vbHUtUXJXXIRNuKVGadYitJZ0W3CJiVrwgIYMYOHt1wH7Tn4EBgUEfd71PBKX9yZ
U7ZilQbcjLC0l0Cj8dNEOi94meCR6G/6jIrA/Qb5tuvgD1Cck6etw5GID6GQGHI=
=Wp8T
-----END PGP SIGNATURE-----
More information about the Enigmail
mailing list