l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
December 2: Social gathering
Next Installfest:
TBD
Latest News:
Nov. 18: Club officer elections
Page last updated:
2002 Jul 25 16:45

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
[vox-tech] question about trust (gpg)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[vox-tech] question about trust (gpg)



here are the people who have verified my fingerprint over the phone:

  p@satan% gpg --list-sigs dirac
  pub  1024D/67EA951D 2000-12-08 Peter Jay Salzman <p@dirac.org>
  sig        67EA951D 2000-12-08  Peter Jay Salzman <p@dirac.org>
  sig        58D7BA3C 2000-12-12  Henry House <hajhouse@houseag.com>
  sig        074A81E6 2002-07-23  dugan (ME) <dugan@passwall.com>
  sub  2048g/BA20F792 2000-12-08
  sig        67EA951D 2000-12-08  Peter Jay Salzman <p@dirac.org>


this afternoon, i spoke with ryan over the phone and we exchanged
fingerprints.  then he signed my public key and sent me an exported copy
of it.  i then --imported it.  now the list of people who trust me is:

  pub  1024D/67EA951D 2000-12-08 Peter Jay Salzman <p@dirac.org>
  sig        67EA951D 2000-12-08  Peter Jay Salzman <p@dirac.org>
  sig        58D7BA3C 2000-12-12  Henry House <hajhouse@houseag.com>
  sig        074A81E6 2002-07-23  dugan (ME) <dugan@passwall.com>
  sig        DF61615F 2001-12-13  [User id not found]
  sig        72177BC7 2002-07-25  Ryan Castellucci <ryan@mother.com>
  sub  2048g/BA20F792 2000-12-08
  sig        67EA951D 2000-12-08  Peter Jay Salzman <p@dirac.org>

question: now, i assume that ryan's key was signed by whoever owns key
DF61615F, and that since DF61615F trusts ryan, then DF61615F trusts me
as well, right?  is this the "5 person rule" in action?

i looked at some docs on how to receive keys from a public server, and i
imported the key:

  pub  1024D/67EA951D 2000-12-08 Peter Jay Salzman <p@dirac.org>
  sig        67EA951D 2000-12-08  Peter Jay Salzman <p@dirac.org>
  sig        58D7BA3C 2000-12-12  Henry House <hajhouse@houseag.com>
  sig        074A81E6 2002-07-23  dugan (ME) <dugan@passwall.com>
  sig        DF61615F 2001-12-13  Matt Roper (Main) <matt@mattrope.com>
  sig        72177BC7 2002-07-25  Ryan Castellucci <ryan@mother.com>
  sub  2048g/BA20F792 2000-12-08
  sig        67EA951D 2000-12-08  Peter Jay Salzman <p@dirac.org>

ok, so ryan knows that my public key was signed by myself, henry, ME,
matt and himself.

question: henry (who signed my public key awhile ago) has no knowledge
that ryan and matt now trust my key.  i WOULD like for him to know, just
in case he passes my key to someone else (or just because i want him to
know that i'm trusted and loved by all...).   is the standard operating
procedure to send a copy of my key, along with the new people who signed
it, to the people who previously signed my key?

thanks,
pete

-- 
GPG Fingerprint: B9F1 6CF3 47C4 7CD8 D33E  70A9 A3B9 1945 67EA 951D
_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.