|
|
|
|
|
|
by XorNot
166 days ago
|
|
|
No I picked the case I'm dealing with most commonly: which is establishing trust. X509 certs will also do this. I have numerous criticisms of the GPG system but it's not a solution to just not implement any solution at all: I.e. I need revocation lists, I need intermediate keys, I need the ability to establish alternate chains of trust or promote a chain to trusted. Some of this is very hard to do with x509 even or not will supported. |
|
|
Rather than “trust” you mean something very specific: whether a key was issued by an entity, or attested to from a set of authorities. The “web of trust” model that PGP/GPG supports is not the ideal means of implementing this.