From Gentoo Wiki
Jump to:navigation Jump to:search
This article is a stub. Please help out by expanding it - how to get started.

A brief FAQ on adopting GPG for Web of Trust

What if a developer(s) has lax verification practices?

Verification should require a bi-directional exchange. While its possible that developer A and B both have a relaxed process for identity verification the main benefit of a web of trust is that more signatures lead to a stronger signal of trust and Gentoo itself may vary the number of signatures required to accept an identity.