Gentoo-gpg-faq

From Gentoo Wiki
Jump to: navigation, search
This article is a stub. You can help by expanding it.

A brief FAQ on adopting GPG for Web of Trust

What if a developer(s) has lax verification practices?

Verification should require a bi-directional exchange. While its possible that developer A and B both have a relaxed process for identity verification the main benefit of a web of trust is that more signatures lead to a stronger signal of trust and Gentoo itself may vary the number of signatures required to accept an identity.