-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 You will have to just trust GPG as I do not think that such checking is possible to do in a secure manner. At my org, I am using GPG to encrypt all backups. To ensure that the code does not contain bugs, I wait for ~ a month before upgrading the GPG release. After an upgrade, I perform several backup+encrypt+decrypt+restore+check to make sure nothing is borked. I lock in the version and use that for a while. I do not worry about daily backups, but each quarterly backup, I encrypt it, decrypt it and verify it manually. The user base of GnuPG is huge, and any serious bugs in the code will be weeded out very quickly by the beta testers and early adopters. Invalid encryptions is a VERY serious bug. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFEtuXrNR4PQ6HVpW0RAkGuAKDflrwOXTRc521Mhj0StDSriiaDdgCg1JMD kkmh4QPGGJ45njeUsC4Cry8= =R6vH -----END PGP SIGNATURE-----
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
