On 02/27/2015 01:12 PM, Andreas Schwier wrote: <SNIP>
> So what exactly is the purpose of the keyserver then ? If you expect me > to still verify fingerprints out of band, why would I grab a - probably > bogus key - from a keyserver first place ? I could immediately ask my > peer to send it by mail. I find keyservers most useful when I receive a signed (and typically encrypted) email from someone whose public key I don't have. Enigmail reports an untrusted signature. So I hit Details, and accept its offer to get the requisite key from (by default) <pool.sks-keyservers.net>. If I need the public key of someone new, I first look on <keybase.io>. If it's not there, or on their website or blog, I typically just request it by email. <SNIP> _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
