Re: mailing list pgp signatures...

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Les wrote:
> Hi, Steven,
> 	The point about the envelope is a good one.  It is a point I never
> considered.  But g's attitude doesn't make me fond of signing, in fact
> it does more to discourage users of messaging services to not use PGP or
> SMIME to sign messages.  His actions slow access, disturb the flow of
> work and as you pointed out is generally rude to the users of the list.
> As to someone signing messages to look like him I don't see how that
> could happen, because the messages would have to be signed using his
> private key, unless he posted the private key as well.
> 
If you don't have his private key, then you have no idea if a signed
message came from him, or someone else that signed the message. You
don't even know if someone took a valid message and modified it. All
you know is that the message has a signature that you can not verify.

His answer to that is that everyone that wants to verify his
signature to send him an email asking for his public key, and maybe
he will send it to you...

Mikkel
-- 

  Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!

Attachment: signature.asc
Description: OpenPGP digital signature

-- 
fedora-list mailing list
[email protected]
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux