[Freedombox-discuss] Web of Trust Questions
John Walsh
fiftyfour at waldevin.com
Wed Dec 21 04:28:13 UTC 2011
Hi Everybody
> GPG allows you to tell it how much you trust someone to make
> proper verifications before signing another key (and so
> introducing someone into the web of trust). See "trust"
> command under the --edit-key in GPG man page:
>
> http://www.gnupg.org/gph/en/manual.html#AEN346
>
Thank you Tomaz for providing the link above. I read the full manual twice
and some parts a third time to get my head round the whole Web of Trust
concept. It took me a while to understand because the help and UI of the app
I was using was misleading. I confirmed that the app was misleading after
reading your link. Thank you for putting me back on track.
I also read that GNUTLS [1] provides an experimental server solution to use
an OpenPGP Certificate instead of a CA Certificate. It seems like a cool
solution. GNUTLS Server solution offers an option to use the Web of Trust to
confirm the identity of the browser's client certificate (me in this
example). I would be grateful if anybody on this list could answer my
questions below about GNUTLS.
1) Does the GNUTLS solution allow the client certificate (me) to "phone
home", to use my own WOT to confirm the credentials of the GNUTLS server I
am trying to access on the web?
2) How far away is GNUTLS from reaching stable status?
Kind Regards
Fifty Four
http://www.gnu.org/software/gnutls/openpgp.html
More information about the Freedombox-discuss
mailing list