El lunes, 29 de septiembre de 2003, a las 04:41, Pigeon escribe: > I know; see my next paragraph... I'm pointing out that the system is > not necessarily "magically" secure if not used with the intended > rigour, as may be the case on a mailing list environment, or if > outhouse excess supported pgp. However secure the algorithms involved > may be, any cryptographic system can be compromised by slackness and > complacency on the part of its users.
Exactly. In the worst case, checking someone's fingerprint is not enough for me in order to sign his key. I also want to be sure that I am not signing a key to someone that is not signing other's keys without checking their fingerprints very carefully. This is about trustness. "Don't sign a key if you don't know what PGP is about. Don't sign a key to somebody who doesn't know what PGP is about". Regards, Ismael -- "Tout fourmille de commentaries; d'autheurs il en est grande cherté"
pgp00000.pgp
Description: PGP signature
