
BLU Discuss list archive



Relevance of PGP?



On Jun 12, 2011, at 10:37 PM, Tom Metro wrote:
> 
> And how about if you delete all your root certificates (rather
> inconvenient on a web browser, but probably minimal impact on a mail
> client), and instead only use certificates that you obtain direct from
> the other party or through your chosen web of trust?

There is no web of trust with SSL and S/MIME.  The certificate trust chains are just that: chains.  They are straight lines.

Looking at the Rohr example, if my contact's key had been signed by three or five people that I had already verified then the telephone verification would not have been necessary.  His key would have been a node in my trust web.  SSL and S/MIME don't do this.

I'm sure that someone is clever enough or ornery enough to make it work, but for the rest of us it is just too cumbersome to bother.

--Rich P.
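
The contrast drawn in this message, as an added example that is not part of the original post: a simplified model of chain validation (one issuer per certificate) next to web-of-trust validity (several signatures per key). All names, the sample data and the `needed` threshold are constructed assumptions, and neither function is the actual X.509 or GnuPG algorithm.

```python
# Simplified model (added example): X.509-style chain validation vs.
# an OpenPGP-style web of trust. All names and data are constructed.

def chain_trusted(cert, issuer_of, roots, pinned=frozenset()):
    """Chain model: each certificate has exactly one issuer, so the only
    path to trust is a straight line up to a root in the local store, or
    a certificate obtained directly from the other party and pinned."""
    seen = set()
    while cert is not None and cert not in seen:
        if cert in roots or cert in pinned:
            return True
        seen.add(cert)                 # guard against issuer loops
        cert = issuer_of.get(cert)     # one issuer only: a chain, not a graph
    return False


def wot_valid(key, signatures, verified, needed=3):
    """Web model: a key can carry many signatures. It is valid if it was
    verified directly, or if at least `needed` already-verified keys have
    signed it. `needed` is an assumed local policy value."""
    if key in verified:
        return True
    return len(signatures.get(key, set()) & verified) >= needed


# Constructed sample data.
ISSUER_OF = {"mail.example.org": "Example Intermediate CA",
             "Example Intermediate CA": "Example Root CA"}
ROOTS = {"Example Root CA"}

SIGNATURES = {"contact": {"alice", "bob", "carol", "mallory"},
              "stranger": {"alice", "mallory"}}
VERIFIED = {"alice", "bob", "carol"}   # keys already checked in person or by phone

if __name__ == "__main__":
    host = "mail.example.org"
    print("stock root store:   ", chain_trusted(host, ISSUER_OF, ROOTS))
    print("roots deleted:      ", chain_trusted(host, ISSUER_OF, set()))
    print("roots deleted + pin:", chain_trusted(host, ISSUER_OF, set(), {host}))
    print("contact via web:    ", wot_valid("contact", SIGNATURES, VERIFIED))
    print("stranger via web:   ", wot_valid("stranger", SIGNATURES, VERIFIED))
```

With the root store emptied, every certificate has to be pinned one at a time, while the web model accepts the contact's key on the strength of three already-verified signers and ignores the unverified one.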






