On Wed, 6 Jun 2012 21:54, pe...@digitalbrains.com said:
But it's a bit unclear to me on what basis you decided it looked correct? Your
mail suggests to me that you decided that based on the fact that the UID on
that key is Werner Koch (dist sig). But that would be the very first thing a
If
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07.06.2012 02:15, Sam Smith wrote:
yes, impersonation of the UID [Werner Koch (dist sig)] is what I'm
trying to guard against.
My efforts to verify the fingerprint are the best way to do this,
correct?
Date: Wed, 6 Jun 2012 21:54:01
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/06/12 14:17, Peter Lebbing wrote:
On 07/06/12 06:23, da...@gbenet.com wrote:
Clearly you failed to follow my link and clearly you failed to check the
public key for gnupg. Now being a little confused try and get a clear
question in your mind
On 6/7/12 11:18 AM, da...@gbenet.com wrote:
To put matters simply, (1) Verner's key is not the same as gnupg's
key (2) You can confirm the validity of Verner's key by meeting him
(3) you can confirm that gnupg is running on your computer gpg/2
--version..
As an FYI, you are consistently
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/06/12 17:14, Robert J. Hansen wrote:
On 6/7/12 11:18 AM, da...@gbenet.com wrote:
To put matters simply, (1) Verner's key is not the same as gnupg's key (2)
You can
confirm the validity of Verner's key by meeting him (3) you can confirm that
On Thu, 7 Jun 2012 17:59, mika.henrik.mai...@hotmail.com said:
% gpg --list-sigs D8692123C4065DEA5E0F3AB5249B39D24F25E3B6
pub 2048R/4F25E3B6 2011-01-12 [expires: 2019-12-31]
uid Werner Koch (dist sig)
sig 58DFC608 2011-06-11 Andrey ...
sig 30B94B5C
On 6/7/12 12:32 PM, Werner Koch wrote:
That is actually a bit funny: I never asked anyone to sign that key.
Probably they deduced the correctness from my regular key which I
used to sign the above key. That is not a surprise; I have seen
many signatures on my keys from people I never met.
On 6/7/12 1:05 PM, Sam Whited wrote:
It would also just be an unwanted extra step for a lot of people.
Yes. And there are doubtless a large number of people who really don't
want to have to type in their new passphrase twice, too. We make them
do it anyway.
Objecting to it on the grounds of I
On Thu, Jun 7, 2012 at 1:22 PM, Robert J. Hansen r...@sixdemonbag.org wrote:
Yes. And there are doubtless a large number of people who really don't
want to have to type in their new passphrase twice, too. We make them
do it anyway.
Yes, but that actually serves a purpose, it prevents people
On 6/7/12 2:10 PM, Sam Whited wrote:
...yes, it's hardly onerous, but it's still one extra step that does
nothing for more advanced users (except perhaps when they haven't
had enough coffee early in the morning :) ).
Friend of mine, a former law-enforcement officer, is a big believer in
On Thu, June 7, 2012 11:27 am, Werner Koch wrote:
snipped
If you look at my OpenPGP mail header you will be pointed to a
âfingerâ
address - enter it into your web browser (in case you don't know what
finger is) and you will see
I see that it would be handy to have this stuff in the
11 matches
Mail list logo