 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
On Sat, Jun 11, 2011 at 9:14 AM, Edward Ned Harvey <blu-Z8efaSeK1ezqlBn2x/YWAg at public.gmane.org> wrote: > Same as PGP. wrong. > ?It's the external context that gives you more trust. Correct. Most people don't know what the context in a SSL cert really is, though. Free certs from Commercial CA's provide a trusty flavor with no actual trust context. Hi price certs from commercial CA's may include competent manual verification of identity or incompetent. Cheap certs will validate that this is g??gle.com but won't warn you it isn't what you think... PGP ring of trust allows for non-centralized asynchronous auditable out-of-band context. If I exchange key prints in a meatspace signing party with John and he with you another day, I may decide that's sufficient reason to believe you actually exist and that that's your key, or not, at my choice. -- Bill @n1vux bill.n1vux-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
