Conversation

Notices

1. kat (boneidol@indy.im)'s status on Sunday, 30-Jun-2019 11:39:51 UTC kat
   oh Shit... the GPG web of trust is dead https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f
   • kat (boneidol@indy.im)'s status on Tuesday, 02-Jul-2019 09:24:18 UTC kat

     • Joshua Judson Rosen
     @rozzin Maybe I am misunderstanding, but the poisoning prevents people from updating keys to check trust paths. The proposed replacement service https://keys.openpgp.org/ does not link ID ( email address) to the public key, unless asked to.  And more importantly from a WoT is does not have any third party signatures.  So can't be used to follow a trust path
   • kat (boneidol@indy.im)'s status on Tuesday, 02-Jul-2019 09:32:16 UTC kat

     in reply to

     • Joshua Judson Rosen
     @rozzin https://keys.openpgp.org/about/faq  https://indy.im/attachment/138122
   • kat (boneidol@indy.im)'s status on Tuesday, 02-Jul-2019 12:38:09 UTC kat

     • Joshua Judson Rosen
     @rozzin help me out!
     what am I doing then when I get a new key from someone I've not communicated with, and check the signatures to see if there are any people in common ? 
     
     What are the people at Tails doing here ?  https://tails.boum.org/install/linux/usb-download/index.en.html#install-inc-steps-download.inline.web-of-trust  https://indy.im/attachment/138158
     
     It looks to me like building a human connection through the WoT