|
|
|
|
|
|
by michaelt
45 days ago
|
|
|
> The IRL social network is actually the important part of the trust structure. For Debian-style applications that are 100% about openness and 0% about secrecy, sure. But if you want to secure communications between pro-democracy activists in China, or you're a Snowden-like whistleblower wanting to securely communicate with journalists - y'all probably don't want to be vouching for one another's keys. |
|
|
Self-signed PGP is very occasionally used to prove continuity across channels or addresses. Cross-signed basically never.