[linux-elitists] Elite keysigning protocol

M. Drew Streib dtype@dtype.org
Tue Jul 3 12:51:12 PDT 2001


On Tue, Jul 03, 2001 at 11:13:34AM -0700, Don Marti wrote:
> I met Manoj Srivastava at Usenix, and this is the keysigning
> protocol he follows:
> http://people.debian.org/~jaqque/keysign.html
> 
> I still don't understand what my incentive would be to give out a
> fingerprint that corresponds to a private key I can't use...maybe
> this simply functions as a way to not sign keys of people who don't
> know how to use GPG properly.

Part of this is also to ensure you're in control of the email you
claim to own.

Technically the 'password' part isn't necessary, as the ability to decrypt
an encrypted message to the key you handed someone should indicate
everything you need.

Anyway. Too paranoid is better than not careful enough, imo.

-drew

-- 
M. Drew Streib <dtype@dtype.org> | http://dtype.org/
FSG <dtype@freestandards.org>    | Linux International <dtype@li.org>
freedb <dtype@freedb.org>        | SourceForge <dtype@sourceforge.net>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 240 bytes
Desc: not available
Url : http://allium.zgp.org/pipermail/linux-elitists/attachments/20010703/c4450cb1/attachment.pgp 


More information about the linux-elitists mailing list