StatusNettag:status.hackerposse.com,2024-03-29:TagTimeline:wotNotices tagged with wotUpdates tagged with wot on Hacker Poesy!http://www.hackerposse.com/~rozzin/graphics/stills/ray-traced/ripple.png2024-03-29T02:52:13-04:00http://activitystrea.ms/schema/1.0/commenttag:status.hackerposse.com,2019-07-03:noticeId=133956:objectType=commentNew comment by rozzinSo, "what am I doing when I get a new key from someone and check the signatures to see if there are any people in common" depends heavily on what you mean by "check the signatures" and "people in common". If you mean "trace through signature-chains with no #<span class="tag"><a href="https://status.hackerposse.com/tag/trust" rel="tag">trust</a></span> #<span class="tag"><a href="https://status.hackerposse.com/tag/metrics" rel="tag">metrics</a></span> to find *reachable* signatures", then no you're not using #<span class="tag"><a href="https://status.hackerposse.com/tag/wot" rel="tag">WoT</a></span> verification, you're making your own inferences based on something else.http://activitystrea.ms/schema/1.0/post2019-07-03T14:32:33+00:002019-07-03T14:32:33+00:00http://activitystrea.ms/schema/1.0/personhttp://status.hackerposse.com/user/1rozzinRobotanist, FOSS engineer, artist w/ a superhuman ability to distinguish shades of khaki. FoxtrotGPS, libvisualid, GNU Robots maintainer.42.76537 -71.46757rozzinJoshua Judson RosenRobotanist, FOSS engineer, artist w/ a superhuman ability to distinguish shades of khaki. FoxtrotGPS, libvisualid, GNU Robots maintainer.Nashua, New Hampshire, USAhomepagehttp://www.hackerposse.com/~rozzintruehttps://indy.im/conversation/20416724http://activitystrea.ms/schema/1.0/commenttag:status.hackerposse.com,2019-07-03:noticeId=133950:objectType=commentNew comment by rozzinThat #<span class="tag"><a href="https://status.hackerposse.com/tag/tails" rel="tag">Tails</a></span> "use the WoT" download #<span class="tag"><a href="https://status.hackerposse.com/tag/verification" rel="tag">verification</a></span> guide is telling you to do 2 distinct things: <br /> 1) use #<span class="tag"><a href="https://status.hackerposse.com/tag/pgp" rel="tag">PGP</a></span> WoT metrics to identify someone who is a Tails developer (but not AFAICT to identify that person *as* a Tails developer);<br /> 2) make a WoT-less leap from "this is Bob" to "Bob is verified as a Tails developer AND his signatures mean something".<br /> <br /> In that "→A→B→C" chain of mixed ops, #<span class="tag"><a href="https://status.hackerposse.com/tag/wot" rel="tag">WoT</a></span> only takes you to B.http://activitystrea.ms/schema/1.0/post2019-07-03T05:15:55+00:002019-07-03T05:15:55+00:00http://activitystrea.ms/schema/1.0/personhttp://status.hackerposse.com/user/1rozzinRobotanist, FOSS engineer, artist w/ a superhuman ability to distinguish shades of khaki. FoxtrotGPS, libvisualid, GNU Robots maintainer.42.76537 -71.46757rozzinJoshua Judson RosenRobotanist, FOSS engineer, artist w/ a superhuman ability to distinguish shades of khaki. FoxtrotGPS, libvisualid, GNU Robots maintainer.Nashua, New Hampshire, USAhomepagehttp://www.hackerposse.com/~rozzintruehttps://indy.im/conversation/20416724http://activitystrea.ms/schema/1.0/commenttag:status.hackerposse.com,2019-07-03:noticeId=133949:objectType=commentNew comment by rozzinIt may also matter that when I say "#<span class="tag"><a href="https://status.hackerposse.com/tag/pgp" rel="tag">PGP</a></span>", I really mean "#<span class="tag"><a href="https://status.hackerposse.com/tag/gnupg" rel="tag">GnuPG</a></span>" because AFAICT GPG is the PGP that everyone actually uses these days. There are "trust signatures" in #<span class="tag"><a href="https://status.hackerposse.com/tag/openpgp" rel="tag">OpenPGP</a></span>, and GPG can make and use them..., but they're a whole different thing from "trust", "signatures", and #<span class="tag"><a href="https://status.hackerposse.com/tag/wot" rel="tag">WoT.</a></span> And I don't think I've ever actually seen one in the wild. Some other PGP implementation might use tsigs by default? But I doubt it?http://activitystrea.ms/schema/1.0/post2019-07-03T04:56:58+00:002019-07-03T04:56:58+00:00http://activitystrea.ms/schema/1.0/personhttp://status.hackerposse.com/user/1rozzinRobotanist, FOSS engineer, artist w/ a superhuman ability to distinguish shades of khaki. FoxtrotGPS, libvisualid, GNU Robots maintainer.42.76537 -71.46757rozzinJoshua Judson RosenRobotanist, FOSS engineer, artist w/ a superhuman ability to distinguish shades of khaki. FoxtrotGPS, libvisualid, GNU Robots maintainer.Nashua, New Hampshire, USAhomepagehttp://www.hackerposse.com/~rozzintruehttps://indy.im/conversation/20416724http://activitystrea.ms/schema/1.0/commenttag:status.hackerposse.com,2019-07-03:noticeId=133948:objectType=commentNew comment by rozzinThat #<span class="tag"><a href="https://status.hackerposse.com/tag/pgp" rel="tag">PGP</a></span>'s #<span class="tag"><a href="https://status.hackerposse.com/tag/wot" rel="tag">WoT</a></span> metrics (supposedly) propagate through signature-chains is somehow basically an extremely popular #<span class="tag"><a href="https://status.hackerposse.com/tag/myth" rel="tag">myth</a></span>; "talks about WoT being all about arbitrarily-long multi-hop chains of trust" and "conflates #<span class="tag"><a href="https://status.hackerposse.com/tag/trust" rel="tag">trust</a></span> and #<span class="tag"><a href="https://status.hackerposse.com/tag/identity" rel="tag">identity</a></span> #<span class="tag"><a href="https://status.hackerposse.com/tag/certification" rel="tag">certification</a></span>" have been "understands-pgp-p" litmus tests for me since I realized how confused *I was myself* years ago, and they've never failed before.http://activitystrea.ms/schema/1.0/post2019-07-03T04:49:32+00:002019-07-03T04:49:32+00:00http://activitystrea.ms/schema/1.0/personhttp://status.hackerposse.com/user/1rozzinRobotanist, FOSS engineer, artist w/ a superhuman ability to distinguish shades of khaki. FoxtrotGPS, libvisualid, GNU Robots maintainer.42.76537 -71.46757rozzinJoshua Judson RosenRobotanist, FOSS engineer, artist w/ a superhuman ability to distinguish shades of khaki. FoxtrotGPS, libvisualid, GNU Robots maintainer.Nashua, New Hampshire, USAhomepagehttp://www.hackerposse.com/~rozzintruehttps://indy.im/conversation/20416724http://activitystrea.ms/schema/1.0/commenttag:status.hackerposse.com,2019-07-01:noticeId=133911:objectType=commentNew comment by rozzin@<a href="https://indy.im/boneidol" class="h-card mention" title="kat">boneidol</a> The signature-flooding attack on the SKS #<span class="tag"><a href="https://status.hackerposse.com/tag/keyservers" rel="tag">keyservers</a></span> (and DoS of their users) is bad but doesn't actually sound like any kind of #<span class="tag"><a href="https://status.hackerposse.com/tag/apocalypse" rel="tag">apocalypse</a></span>, and has basically nothing to do with the #<span class="tag"><a href="https://status.hackerposse.com/tag/wot" rel="tag">WoT</a></span>; signature-chains maybe, but that's something else entirely. !<a href="http://sn.jonkman.ca/group/348/id" class="h-card group" title="Cryptography (crypto)">crypto</a>http://activitystrea.ms/schema/1.0/post2019-07-01T19:40:24+00:002019-07-01T19:40:24+00:00http://activitystrea.ms/schema/1.0/personhttp://status.hackerposse.com/user/1rozzinRobotanist, FOSS engineer, artist w/ a superhuman ability to distinguish shades of khaki. FoxtrotGPS, libvisualid, GNU Robots maintainer.42.76537 -71.46757rozzinJoshua Judson RosenRobotanist, FOSS engineer, artist w/ a superhuman ability to distinguish shades of khaki. FoxtrotGPS, libvisualid, GNU Robots maintainer.Nashua, New Hampshire, USAhomepagehttp://www.hackerposse.com/~rozzintruehttps://indy.im/conversation/20416724http://activitystrea.ms/schema/1.0/notehttp://identi.ca/notice/99543444New note by zackDustin Kirkland: «Introducing Hockeypuck -- a new #<span class="tag"><a href="http://identi.ca/tag/hkp" rel="tag">HKP</a></span> server» <a href="http://ur1.ca/cs99t" title="http://blog.dustinkirkland.com/2013/02/introducing-hockeypuck-new-hkp-server.html" rel="nofollow external">http://ur1.ca/cs99t</a> #<span class="tag"><a href="http://identi.ca/tag/wot" rel="tag">WoT</a></span> #<span class="tag"><a href="http://identi.ca/tag/gpg" rel="tag">gpg</a></span>http://activitystrea.ms/schema/1.0/post2013-02-12T08:08:33+00:002013-02-12T08:08:33+00:00http://activitystrea.ms/schema/1.0/personhttp://identi.ca/user/24555zackGeek, Debian Project Leader 2010-2013, Free Software zealot, Computer Science professor. Italian from Bologna, emigrated to Paris, France32.98333 49.15zackStefano ZacchiroliGeek, Debian Project Leader 2010-2013, Free Software zealot, Computer Science professor. Italian from Bologna, emigrated to Paris, FranceParis, Francehomepagehttp://upsilon.cc/~zacktruehttp://status.hackerposse.com/conversation/31680http://activitystrea.ms/schema/1.0/notehttp://identi.ca/notice/98338287New note by zack…and <a href="http://ur1.ca/bg7wm" title="http://pgp.cs.uu.nl/" rel="nofollow external">http://ur1.ca/bg7wm</a> is back, YAY! #<span class="tag"><a href="http://identi.ca/tag/gnupg" rel="tag">gnupg</a></span> #<span class="tag"><a href="http://identi.ca/tag/wot" rel="tag">WoT</a></span>http://activitystrea.ms/schema/1.0/post2012-12-08T10:16:37+00:002012-12-08T10:16:37+00:00http://activitystrea.ms/schema/1.0/personhttp://identi.ca/user/24555zackGeek, Debian Project Leader 2010-2013, Free Software zealot, Computer Science professor. Italian from Bologna, emigrated to Paris, France32.98333 49.15zackStefano ZacchiroliGeek, Debian Project Leader 2010-2013, Free Software zealot, Computer Science professor. Italian from Bologna, emigrated to Paris, FranceParis, Francehomepagehttp://upsilon.cc/~zacktruehttp://status.hackerposse.com/conversation/25791