If this discussion can't be stopped, than perhaps we can make it a useful thread, by not talking about how to behave or not to behave on a mailing list, by not talking about if we won't signed emails or not.
When the subject was "gpg/pgp noise" Jon Dowland wrote: "I clearly explained that his key was signed by another he owned, which in turn was signed by *someone else entirely*." A chain of unsigned keys for one and the same person, with one key at the end of this chain, that is signed by one person only or even enough persons signing it, is useless. This isn't the correct way to sign a key, since it's not secure and not handy. You will handle the key directly by a web of trust, not by a chain of own keys and not only signed by one person. You can do this by visiting parties, where this is done. OTOH, when do you really need signing? More likely is that you will encrypt mails, e.g. to ensure that if you write to a family with young children, using the same computer, only the parents can read mails with contents that aren't good for children. In such a case it's not needed to ensure that the key is trusted. It's only important that the parents know how to decrypt and the children don't know it. This anyway prevents against manipulating the mails content, without signing. If you really need security, than you need to take care about many things using PGP. I only use openPGP from time to time, to ensure that just a special person can read this mail, but not to be completely secure. I don't need knowledge about how to handle PGP correct and I don't have got this knowledge. Seemingly some people have completely wrong perceptions about e.g. signing a key. Instead of having something similar to a flame-war, some useful information belongs to this list. - Ralf -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1336563132.7752.25.camel@precise