TID: FMail-lnx64 2.1.0.18-B20170815
RFC-X-No-Archive: Yes
TZUTC: 0100
CHRS: UTF-8 2
PID: GED+LNX 1.1.5-b20161221
MSGID: 2:280/464 5e1239e1
REPLY: 2:221/360.0 5e122dee
Hi August,

On 2020-01-05 20:41:53, you wrote to me:

 WvV>> Outside of fidonet. I see it sometimes in newsgroups. And I
 WvV>> know the (open)suse, software distribution system makes use of
 WvV>> gpg keys to sign the distributed software.

 AA> According to the info at https://sks-keyservers.net/status/

 AA>      Max keys:  5964828

 AA> That's really not a whole lot in the internet collective.

I wouldn't want to import them all to my keyring file! ;-)

 WvV>> I don't think "they" are going to trust it, untill there will
 WvV>> be a government key signing authority, that can "properly"
 WvV>> verify your identity.

 AA> Why not?  There is a vast pre-history of email exchange between me and
 AA> the vendor with many emails that include my customer/account number with
 AA> them. And my cheques even include the same customer/account number.  So,
 AA> they ought have great confidence that next time they send me something
 AA> to the same email address to sign, then my PGP-signed reply was done by
me.

That requires some human employer to check this, and would make the company
responsible in case a human mistake was made. They want that to be an external
risk, not theirs...

Bye, Wilfred.

--- FMail-lnx64 2.1.0.18-B20170815
 * Origin: FMail development HQ (2:280/464)
SEEN-BY: 1/123 90/1 154/10 203/0 221/0 227/114 229/426 1014 240/5832
SEEN-BY: 249/206 317 400 280/464 5003 292/854 310/31 317/3 322/757
SEEN-BY: 342/200 396/45 423/120 712/848 770/1 2452/250
PATH: 280/464 229/426