Re: Bad idea
And that's the thing. It shouldn't cost money, or time, or production of government papers to create a site cert.
I don't need to do any of those things to create a PGP key. I just create a key. If I want people to trust my key I can have it signed by other people with whom I have some kind of relationship. I could even pay a CA to sign my key if I wanted.
I think the web needs something similar. Even an unsigned key is still better than plain text if it's presented as such.
Biting the hand that feeds IT
