-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Tad Marko wrote:
> Right, which is the reason for the continued need to let people know
> your key signature via a trusted means. But, if someone was wanting to
> hassle you by creating scads of bogus keys on keyservers, it still
> makes it that muc
On Sun, Oct 16, 2005 at 06:09:27PM +0100, Nicholas Cole wrote:
>
> --- Tad Marko <[EMAIL PROTECTED]> wrote:
> > An email verification step?
>
>
> The problem is, that IF the email infrastructure was
> secure enough to be trusted, there would be no need
> for pgp/gpg/smime at all. An email verif
--- Tad Marko <[EMAIL PROTECTED]> wrote:
> > You can't. That's like asking how you can stop
> other people from
> > printing out badges that say "I am Tad Marko" and
> pinning them to their
> > shirts.
>
> I'm not asking for that. I want them to not say that
> a given key goes
> to [EMAIL PROTE
On 9262 day of my life Tad Marko wrote:
>> You can't. That's like asking how you can stop other people from
>> printing out badges that say "I am Tad Marko" and pinning them to their
>> shirts.
>
> I'm not asking for that. I want them to not say that a given key goes
> to [EMAIL PROTECTED]
It is n
On Fri, Oct 14, 2005 at 09:51:22AM -0500, Tad Marko wrote:
> > GPG and PGP don't care about names -- they only care about public keys.
> > If you want someone to be able to send a message to the right person,
> > you need to make sure they're encrypting it with the right public key.
> >
> > You d
On Thu, Oct 13, 2005 at 09:39:00PM -0700, Eric wrote:
> On Thu, 2005-10-13 at 13:26 -0500, Tad Marko wrote:
> > If someone creates a key that LOOKS like I created it (my name and
> > email address) and uploads it to the keyservers, how can I either get
> > rid of it or somehow flag my own key in su
On Thu, 2005-10-13 at 13:26 -0500, Tad Marko wrote:
> If someone creates a key that LOOKS like I created it (my name and
> email address) and uploads it to the keyservers, how can I either get
> rid of it or somehow flag my own key in such a way that it is clear
> which is the real one?
You can't.
On Thu, Oct 13, 2005 at 01:26:15PM -0500, Tad Marko wrote:
> If someone creates a key that LOOKS like I created it (my name and
> email address) and uploads it to the keyservers, how can I either get
> rid of it or somehow flag my own key in such a way that it is clear
> which is the real one?
If
On Thu, Oct 13, 2005 at 09:12:11PM +0100, Neil Williams wrote:
> > or somehow flag my own key in such a way that it is clear
> > which is the real one?
>
> Any change you make to your key could be mirrored by whoever created the
> other
> key. Use the fingerprint, that's what it is for.
Signat
On Thursday 13 October 2005 7:26 pm, Tad Marko wrote:
> If someone creates a key that LOOKS like I created it (my name and
> email address) and uploads it to the keyservers, how can I either get
> rid of it
You can't. You need to rely on the fingerprint - that is the only unique
identifier for an
Key Fingerprint in Signature?
(look Down)
On Thu, 2005-10-13 at 13:26 -0500, Tad Marko wrote:
> If someone creates a key that LOOKS like I created it (my name and
> email address) and uploads it to the keyservers, how can I either get
> rid of it or somehow flag my own key in such a way that it is
If someone creates a key that LOOKS like I created it (my name and
email address) and uploads it to the keyservers, how can I either get
rid of it or somehow flag my own key in such a way that it is clear
which is the real one?
Thanks,
Tad
___
Gnupg-use
12 matches
Mail list logo
