From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Wed, 24 Jan 1996 23:56:41 +0800
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: [local] Report on Portland Cpunks meeting
In-Reply-To: <199601241431.JAA13316@jekyll.piermont.com>
Message-ID: <Pine.SOL.3.91.960124070149.9398C-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Wed, 24 Jan 1996, Perry E. Metzger wrote:

> > How do they verify that the person confirming the fingerprint is indeed the
> > person supposedly owning the key?
> 
> Thats up to the people signing. In most cases in that sort of
> environment, you know about 30% of the people in the room, and you
> sign their keys (and no one elses, which is reasonable).

This is pretty much the  pure web-o-trust model - the identity of the 
person is assmed to be known at the start of the process, and what is 
verified is the key- closure gets you the other folks.

I'm usually not to keen on WOT, but if it was an AI project, this is
the example that would be in the writeup :-)