PGP use in blogistan

Ben (on Six Apart's swanky new Six Log), discusses extending PGP-signing with a centralized verification/web of trust service. I agree that would be fantastic. But I don't think it needs to exist before implementing PGP-signing in open systems. Signing and verifying can already be done with desktop tools. If PGP-signing catches on, tools to make the process easier would be a void that someone could fill with a centralized Web application. It seems natural.

I think part of what makes this PGP-signing approach nice though, is that it doesn't rely on any one central service. It makes identity management completely decentralized.