----- Original Message ----- From: "Kurt Roeckx" <[EMAIL PROTECTED]> > > Should I point out that a "fingerprint" is nothing more than a > hash? >
If somebody shows you their passport to prove who they are and then gives you a fingerprint of their PGP key, they have implicitly signed that fingerprint. By contrast, a simple MD5 checksum of a binary sitting on the same server is effectively unsigned. You might like to do a little reading on PKI and how it works, before you make further comment. cheers andrew ---------------------------(end of broadcast)--------------------------- TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]