On Sun, Dec 12, 2004 at 10:49:42PM -0500, Jason Stephenson wrote: > I don't usually followup on my own list mails like this, but I thought > that I'd share what I did. > > Well, I went ahead and told them to publish that key. However, once I > checked it, I discovered that I had already revoked it in 2002! If you > query pgp.mit.edu or the new PGP Global Network for my key, you'll see > that it was revoked. > > So, they asked me to verify a revoked key....I think that's a bit odd, > but oh well. *shrugs* > > Now, to set up Enigmail and to generate a new key.... > > Anyone want to have a key signing party?
I gave out my key, on my business card, to a couple people at the last Nashua meeting. Perhaps not as secure as GPG experts would recommend, but given that I had all the nifty toys that the signer had heard me talk about before, it probably worked out okay ;) I'd love to expand on my WoT however: I carry ID + Business Card with key fingerprint at all times just in case I meet someone that does do signatures, and so on. I'm interested in what people think a best practice for signing emails is. I sign all outgoing emails (except to some family, like my grandmother who tries to open the "attachment" with my emails). Some guides will recommend not to do that for mailing lists where people are not so likely to know you. Do others have opinions on that? -- Christopher Schmidt
pgpao8ChWL5mr.pgp
Description: PGP signature