Re: Digital signatures

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



David Boles:
>>> There is a better chance of me being 'me' than there is of you being
>>> 'you'.  ;-)

Tim:
>> Only on a personal verification level.  ;-)

David Boles:
> Really?

In that *you* know that you are you.

> I sign my emails with a verifiable signature. You sign yours with
> what?

But verifiable against what?

gpg: armor header: Version: GnuPG v1.4.7 (MingW32)
gpg: Signature made Fri 13 Jul 2007 14:04:22 CST using DSA key ID 8D57E101
gpg: using PGP trust model
gpg: Good signature from "David Boles <dgboles@xxxxxxxxx>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 6947 D60B 79D9 059E 405F  4084 00ED 3034 8D57 E101
gpg: textmode signature, digest algorithm SHA1

NB:  I am playing devil's advocate, here.  I hope that's obvious.  I
have looked very closely at the model that PGP uses over the years.
This "he says he is who claims to be" / "trust me" issue is a core
problem.

-- 
[tim@bigblack ~]$ rm -rfd /*^H^H^H^H^H^H^H^H^H^Huname -ipr
2.6.21-1.3228.fc7 i686 i386

Using FC 4, 5, 6 & 7, plus CentOS 5.  Today, it's FC7.

Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.




[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux