On Mon, Jul 16, 2012 at 03:11:04PM -0700, Jonathan McDowell wrote:
On Mon, Jul 16, 2012 at 10:54:11PM +0100, Steve Engledow wrote:
I've signed it with my old key and signed this email with my old key so that should be enough for you to trust it.
If not, here's a block of text which I've signed with the new key :)
How does that convince me that your old key hasn't been compromised and the person who now has control of it isn't trying to present a new key as "you" that you then can't read?
Would Stilvoid's logic be sufficient if you had previously trusted the old key? Yes, the original key could have been compromised, but then I trusted that already. So if I trust a new key, which he has signed with the old key, then I don't think I'm extending my trust any further than it already was, right?
Richard