E-Mail Encryption: Why Isn't Everyone Doing It?

David Shaw dshaw@jabberwocky.com
Fri Oct 25 23:53:01 2002


On Fri, Oct 25, 2002 at 01:52:51PM -0500, Richie Laager wrote:
>  
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> > -----Original Message-----
> > From: gnupg-users-admin@gnupg.org 
> > [mailto:gnupg-users-admin@gnupg.org] On Behalf Of David Shaw
> > Sent: Friday, October 25, 2002 12:32 PM
> > To: Josh Huber
> > Subject: Re: E-Mail Encryption: Why Isn't Everyone Doing It?
> 
> > One gotcha we can avoid, if there are multiple levels of
> > certification in the future, is to use a different signing key for
> > each.  That way users can trust the signing key for the exact
> > service they want.
> 
> Or, just use different levels of signatures (0x10, 0x11, 0x12, 0x13).
> Ideally, GPG would have a setting that allows one to specify distinct
> levels of trust on a per-person per-signature class level. This is
> something that I've always wanted to see implemented. I'm hoping to
> learn the GPG internals some day, so that I could implement this.

That's another possibility, but I'd want things to work well with PGP
as well, and PGP doesn't do signature levels.

David

-- 
   David Shaw  |  dshaw@jabberwocky.com  |  WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson