Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

>The PGP web of trust is as good as dead, ...

I don't think the thing you are referring to ever actually existed. Just like in real life you would trust someone just because someone you trusted trusted them. This is a common strawman and does not represent some sort of weakness in the relatively straightforward certifications provided by stuff that supports OpenPGP.



Cryptographic Trust /= Trust in persons motives.

I guess we need better words.


Of course I would trust someone if someone I trusted trusted them - subject to some obvious limitations. That is the essence of a social network. A cryptographic representation of that network is a profoundly powerful concept. But OpenPGP/gnupg are bad tools to represent it.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: