jonfarmer at enta.net
Thu Aug 12 11:31:57 BST 2004
Peter Cannon wrote:
> The only good method is Verisign Digital Identity with that you have to supply
> your passport or drivers license to prove you are who you say you are and pay
> a yearly fee your identity can then be verified by Verisign the ones you
> produce yourself ain't worth the paper they're printed on as anyone could
> have produced them so its a bit pointless really.
Err I have to disagree. Passports and driving licences are increasing
stolen and forged. Also while I am not suggesting Verisign or any other
third party signing authority are not to be trusted they never
personally know the person they are digitally signing.
PGP works on a web of trust and is the best method I have ever seen of
being certain of an identity. I only ever sign and trust public keys of
people I have met in person and have had the key provided to me in
person. I would never implicitly trust a verisign identity as I have not
control over it whereas if I have signed a key I would implicitly trust
it for my use only.
How about a WLUG key signing party sometime.. :-)
Entanet International Ltd
GPG Fingerprint ABCB 6E92 59B8 001F FE9C 0817 A2D6 0151 FF49 9040
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 254 bytes
Desc: OpenPGP digital signature
Url : http://mailman.lug.org.uk/pipermail/wolves/attachments/20040812/3e689fd5/signature.bin
More information about the Wolves