|
On Tuesday 31 March 2009 13:16:42 Tim wrote: > On Tue, 2009-03-31 at 12:27 +0100, Bill Crawford wrote: > > Ought to be possible for people to visit companies' offices and sign > > their keys, and add them to the "web of trust" as per PGP / GPG keys. > > No idea if / how that should be done, in practice, though. > > Actually, I'd like to be able to do something like with banking (go into > the branch, and physically confirm keys used for banking). For the one > or two people that I've used encrypted mail with, I exchanged keys in > person. > Bear in mind that the Public Key is intended to be just that - public. It is useless to anyone else as only you have the Private Key that forms the pair, so there is no problem at all about the public key being accessible. It can *only* be used to compare against your signature. It cannot be used in any attempt to pretend to be you. Anne -- New to KDE4? - get help from http://userbase.kde.org Just found a cool new feature? Add it to UserBase |
Attachment:
signature.asc
Description: This is a digitally signed message part.
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
