Key signing is held up as an integral part of asymmetric encryption's
usefulness- determining that you are indeed communicating with who you
think you are.
However, gnupg does not recurse signatures on imported or updated keys, and
I am unable to find a single reference to a simple method of
On 04/27/2013 09:31 AM, Quinn Wood wrote:
Key signing is held up as an integral part of asymmetric encryption's
usefulness- determining that you are indeed communicating with who you
think you are.
However, gnupg does not recurse signatures on imported or updated keys,
and I am unable to find a
On 04/26/2013 11:47 AM, Robert J. Hansen wrote:
For my own lookout, I don't see that this practice would give me very
much. If SHA-1 falls victim to preimage attacks
I don't think this recommendation was made to defend against preimage
attacks. Avoiding the use of SHA-1 in certifications in