lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 8 Oct 2011 17:28:41 +0200
From:	Geert Uytterhoeven <geert@...ux-m68k.org>
To:	Valdis.Kletnieks@...edu
Cc:	Jon Masters <jonathan@...masters.org>,
	Krzysztof Halasa <khc@...waw.pl>, Adrian Bunk <bunk@...sta.de>,
	"Frank Ch. Eigler" <fche@...hat.com>,
	"H. Peter Anvin" <hpa@...or.com>,
	"Rafael J. Wysocki" <rjw@...k.pl>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Greg KH <gregkh@...e.de>
Subject: Re: kernel.org status: establishing a PGP web of trust

On Sat, Oct 8, 2011 at 16:36, <Valdis.Kletnieks@...edu> wrote:
> However, you have to remember that *all* real-life identity proofs are to
> some degree probabalistic.  How do you know your lawyer is a *real* lawyer
> and not somebody with a fake degree?  Mostly because the other lawers
> in town and the judges are convinced he's a lawyer too.  Same goes for
> your doctor - how do you know he *really* went to med school?  Even calling
> the med school and verifying only proves that somebody with that name went
> there that year.  And yes, every year we hear about a few fake lawyers and
> doctors on the news.  But society seems to muddle along just fine anyhow.

In real life, it's also called the web of trust. How do you prove to a foreign
government that you're (a) not a convicted criminal and (b) in a healthy state?
  - You ask your doctor to write a signed declaration,
  - You go to the ministry of healthcare, which checks the signature
and registration
    number of the doctor, and adds a signature and stamp to the document,
  - You go to the police station, to get a good standing certificate, signed by
    the mayor,
  - You go to the ministry of foreign affairs, which checks the
signatures and stamps
    of the ministry of healthcare officer and of the mayor, and adds
an apostille
    to your documents,
  - The foreign government verifies the apostille from your ministry of foreign
    affairs.

Very similar to PGP ;-)

Gr{oetje,eeting}s,

                        Geert

--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@...ux-m68k.org

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
                                -- Linus Torvalds
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ