Il 17/09/2013 22:01, Philip Jägenstedt ha scritto: > That's fine, I'm just trying to figure out what others do to convince > themselves that (e.g.) the GnuPG dist sig key is trustworthy-ish and > if there are any tools to help with the boring bits. I think "stability" is what most newbies (and probably experienced users too) use.
If the same "identity" keeps using the same key while relating with different users, it's "trustworthy". So if I have CDs from some years ago and OpenPGP is signed with the same key used today, I can be "sure enough" it's not been tampered with and the new file is trustworthy. And often it's more important stability over "impossible" verifications of "real life identity". BYtE, Diego. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
