> This is needed to make sure OpenPGP (i.e. gnupg) doesn't misinterpret stuff > inside the block. Imagine enclosing some signed data inside a > signed block. How does gnupg tell apart the "END" lines from the > inner/outer blocks?
Is this design better than one allowing the last END line to be the closing one? I see that nested blocks are possible, but is this format documented somewhere? I suppose I keep wondering where the format is described because when I first came across this, I spent a lot of time trying to import the public key embedded in a clear-signed message. I didn't realize that I needed to decrypt it until you mentioned it. And now I'm trying to learn how not to make that mistake again in general. > Be careful to distinguish between data signatures (signing a message) > and certifications (signing a key). Are you trying to wrap a data > signature around the key? Unless you have a special use-case, that > probably doesn't make sense. Instead try to use a certification. I see. I read that it is a good practice to sign one's public key before giving it to other people. I thought they meant signing the key as a message. Now that you clarified this, I went to seahorse, Names and Signatures, sign key. It gives me a choice to let others see this signature. Should I allow that? I would also appreciate it, if you could explain how key certification is useful. _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
