gnupg-doc 2003.04.06+dak1-1ubuntu1 / usr / share / doc / gnupg-doc / GNU_Privacy_Handbook / html / x554.htm

This file is indexed.

/usr/share/doc/gnupg-doc/GNU_Privacy_Handbook/html/x554.htm is in gnupg-doc 2003.04.06+dak1-1ubuntu1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>Building your web of trust</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
TITLE="The GNU Privacy Handbook"
HREF="book1.htm"><LINK
REL="UP"
TITLE="Daily use of GnuPG"
HREF="c488.htm"><LINK
REL="PREVIOUS"
TITLE="Daily use of GnuPG"
HREF="c488.htm"><LINK
REL="NEXT"
TITLE="Using GnuPG legally"
HREF="x564.htm"></HEAD
><BODY
CLASS="SECT1"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>The GNU Privacy Handbook</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="c488.htm"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
>Chapter 4. Daily use of GnuPG</TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="x564.htm"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN554"
>Building your web of trust</A
></H1
><P
>Wanting to use GnuPG yourself is not enough.
In order to use to communicate securely with others you must have
a web of trust.
At first glance, however, building a web of trust is a daunting task.
The people with whom you communicate need to use 
GnuPG<A
NAME="AEN557"
HREF="#FTN.AEN557"
><SPAN
CLASS="footnote"
>[1]</SPAN
></A
>, and there needs to be enough 
key signing so that keys can be considered valid.
These are not technical problems; they are social problems.
Nevertheless, you must overcome these problems if you want to 
use GnuPG.</P
><P
>When getting started using GnuPG it is important to realize that you
need not securely communicate with every one of your correspondents.
Start with a small circle of people, perhaps just yourself and
one or two others who also want to exercise their right
to privacy.
Generate your keys and sign each other's public keys.
This is your initial web of trust.
By doing this you will appreciate the value of a small, robust
web of trust and will be more cautious as you grow your web
in the future.</P
><P
>In addition to those in your initial web of trust, you may want to
communicate securely with others who are also using GnuPG.
Doing so, however, can be awkward for two reasons:
(1) you do not always know when someone uses or is willing to use
GnuPG, and (2) if you do know of someone who uses it, you may still have
trouble validating their key.
The first reason occurs because people do not always advertise that
they use GnuPG.
The way to change this behavior is to set the example and advertise 
that you use GnuPG.
There are at least three ways to do this: you can sign messages you mail
to others or post to message boards, you can put your public key on your
web page, or, if you put your key on a keyserver, you can put your key
ID in your email signature.
If you advertise your key then you make it that much more acceptable
for others to advertise their keys.
Furthermore, you make it easier for others to start communicating
with you securely since you have taken the initiative and made it clear
that you use GnuPG.</P
><P
>Key validation is more difficult.
If you do not personally know the person whose key you want to sign,
then it is not possible to sign the key yourself.
You must rely on the signatures of others and hope to find a chain
of signatures leading from the key in question back to your own.
To have any chance of finding a chain, you must take the initiative
and get your key signed by others outside of your initial web of trust.
An effective way to accomplish this is to participate in key
signing parties.
If you are going to a conference look ahead of time for a key
signing party, and if you do not see one being held, offer to 
<A
HREF="http://www.herrons.com/kb2nsx/keysign.html"
TARGET="_top"
>hold one</A
>.
You can also be more passive and carry your fingerprint with you
for impromptu key exchanges.
In such a situation the person to whom you gave the fingerprint
would verify it and sign your public key once he returned home.</P
><P
>Keep in mind, though, that this is optional.
You have no obligation to either publicly advertise your key or
sign other people's keys.
The power of GnuPG is that it is flexible enough to adapt to your
security needs whatever they may be.
The social reality, however, is that you will need to take the initiative
if you want to grow your web of trust and use GnuPG for as much of 
your communication as possible.</P
></DIV
><H3
CLASS="FOOTNOTES"
>Notes</H3
><TABLE
BORDER="0"
CLASS="FOOTNOTES"
WIDTH="100%"
><TR
><TD
ALIGN="LEFT"
VALIGN="TOP"
WIDTH="5%"
><A
NAME="FTN.AEN557"
HREF="x554.htm#AEN557"
><SPAN
CLASS="footnote"
>[1]</SPAN
></A
></TD
><TD
ALIGN="LEFT"
VALIGN="TOP"
WIDTH="95%"
><P
>In this section, GnuPG refers to the 
GnuPG implementation of OpenPGP as well as other implementations 
such as NAI's PGP product.</P
></TD
></TR
></TABLE
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="c488.htm"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="book1.htm"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="x564.htm"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Daily use of GnuPG</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="c488.htm"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Using GnuPG legally</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>

APT Browse - Built by Thomas Orozco.