pqm at canonical.com key needs a new email, and some signatures
Robert Collins
robertc at robertcollins.net
Tue May 9 12:31:06 BST 2006
On Tue, 2006-05-09 at 21:26 +1000, Martin Pool wrote:
>
> Which means, "make a local signature that won't be exported/uploaded".
> But that means each person must individually make sure they have the
> right one. What's wrong with making a regular untrusted signature?
well, I need to read up on the new transitive trust stuff in GPG. Until
that existed, there was *no* trust metric published with a signature.
Even with that existing, and the ability to export the trust, a
signature still asserts that you have verified the identity of the
person that can make signatures with that key....
And I'm *really* hoping you haven't managed to do that :)
Rob
--
GPG key available at: <http://www.robertcollins.net/keys.txt>.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: This is a digitally signed message part
Url : https://lists.ubuntu.com/archives/bazaar/attachments/20060509/9e10901e/attachment.pgp
More information about the bazaar
mailing list