> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I don't mean to sound like a complete jerk, but what is the draw with
> these key signing parties? Is it some sort of social thing? I only
> really feel compelled to have keys for people that send me critical
> information I might want to authorize and/or encrypt. For casual
> correspondence like this list and most chatting, I guess I haven't
> gotten caught up in collecting public keys.
>
> Am I missing the point here? Again, I don't mean to sound critical of
> the practice, I'm honestly wondering if I'm missing some angle here...
The draw is expanding the web of trust. If you ever want to join a
project like Debian that requires you already be in a specific web of
trust, participating in key signing parties helps out.
Key signing parties are more for the verification that Person X most
likely controls key X and also has shown photo ID that matches the name
on the key.
No comments:
Post a Comment