[Enigmail] Certificate signing policy

Ian Mann ansus at neomailbox.ch
Wed Mar 4 08:04:38 CET 2015


For folks I correspond with routinely I just accept their certificate, don't care if its signed.
Ian


On 04/03/15 17:48, Robert J. Hansen wrote:
> Here at Circumvention I've been surprised by the number of people who
> have been asking me to sign their certificates.  For all that the Web of
> Trust is mostly a broken technology, there are still clearly a lot of
> people who rely on it.  There are also a lot of disconnected, isolated
> communities of privacy enthusiasts who would like to have some way to
> communicate in a trusted way with other communities.
>
> They're hoping that Enigmail will be able to help, since we have a
> certificate set which is widely trusted within the community.  (Set
> aside for right now arguments over whether people *should* trust our
> certificates without doing face-to-face meet-ups and fingerprint
> verifications and everything else; clearly, people *do* trust our
> certificates.)
>
> So, if you see my signature on a certificate, here's what it means.  I have:
>
> 	1.  Met this person face-to-face
> 	2.  Received their fingerprint from them
> 	3.  Received their email address from them
> 	4.  Seen at least one form of government-issued
> 	    identification
>         5.  Verified the email address on their user ID
>             matches the email address they gave me
>         6.  Verified the fingerprint on their certificate
>             matches the fingerprint they gave me
>
> Finally, I do not upload certificates to the keyservers without the
> certificate owner's permission.
>
>
>
>
> _______________________________________________
> enigmail-users mailing list
> enigmail-users at enigmail.net
> To unsubscribe or make changes to your subscription click here:
> https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.enigmail.net/pipermail/enigmail-users_enigmail.net/attachments/20150304/5423b180/attachment.html>


More information about the enigmail-users mailing list