Y
Hacker News
new
|
ask
|
show
|
jobs
by
jandrese
1548 days ago
How do you verify the PGP key for a random LEO? The web of trust is a total failure for general use verification, it only solves the special ultra-paranoid use case.
Key distribution has always been the weak point of PGP.
3 comments
ryukafalz
1548 days ago
You would use something like WKD and not the web of trust.
https://wiki.gnupg.org/WKD
link
EricE
1548 days ago
DHS already has a portal LEOs use to collaborate - would be pretty easy to set up something at the federal level - if there was the will.
link
est31
1548 days ago
Government institutions are some of the best places where centralized certificate handling/signing infrastructures shine.
link
jandrese
1548 days ago
And yet it's basically impossible to get a government organization to sign emails except internally using MS Exchange's encrypted email support.
link