On Tue, Aug 19, 2008 at 06:10:50PM +0930, Tim wrote: > >> Is it just me, or do others also think that a public email (even a > >> signed one) would be almost the worst place to trust a fingerprint > >> announcement? > Laszlo BERES: > > If the mail is correctly signed then it's OK. > A message being correctly signed isn't quite the same thing as being > able to verify that it's been produced by the person in question. If it's widely distributed and seen as okay by multiple people who can verify it directly, it's perfectly fine. After all, it's *meant* to be public information. -- Matthew Miller mattdm@xxxxxxxxxx <http://mattdm.org/> Boston University Linux ------> <http://linux.bu.edu/> -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
