Digital signature madness....
Alexander Dalloz
alexander.dalloz at uni-bielefeld.de
Tue Oct 12 23:33:00 UTC 2004
Am Mi, den 13.10.2004 schrieb Rodolfo J. Paiz um 1:19:
> Having enabled this, my Evolution (2.0.1 in FC3-T2) went from reporting
> "Invalid signature" to saying "Valid signature, cannot verify sender."
>
> 1. How do I now get it to verify sender?
There is a difference between a valid signature (--verify) and a trusted
key (--trusted-key).
> 2. What do I do so others can verify me (since I just created a keypair
> a couple of days ago, surely I'm the only one with my pub key)?
gpg --help
--> --export export keys to a key server
> 3. What changes should we make to the default configuration so
> verifying keys becomes easier for all Fedora users?
I feel the user has to read the documentation and to understand the
different "states" of a key. There is no easy way or you make signing
senseless. You have to know whom you trust and why.
Alexander
--
Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 2 (Tettnang) kernel 2.6.8-1.521smp
Serendipity 01:26:40 up 13 days, 3:52, load average: 0.77, 0.51, 0.40
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20041013/30570fe2/attachment-0001.sig>
More information about the fedora-list
mailing list