Suggestions for e-mail client:

Tim ignored_mailbox at yahoo.com.au
Sun Oct 1 04:57:56 UTC 2006 

On Sat, 2006-09-30 at 19:55 -0400, Ric Moore wrote:
> Anne, when I get your email from this list there is a bottom brownish
> bar that sez that your key is invalid. Is that because it passes
> through the list server? It's got a boxing glove looking icon with an
> X in the knuckles area. FYI, Ric

That'd be because you don't have Evolution/gpg set up to automatically
get keys if it doesn't already have them.  The check is not just that
the message has been signed, but that the key is the correct one.  The
way it does that is to check against the keys already in your
possession, and/or fetching those that are not.

Think of it like a cop picking up what he thinks is a burglar about to
break into a house.  He wouldn't just ask the guy if he had a key to get
in the door, and to see that he has a key in his hand.  He'd ask him to
put the key in the lock and prove that it was the right key.

This is where the "proof" comes in.  Anybody can create a key in someone
else's name, but it will be a *different* key.  It won't match, and you
can tell them apart.  For further proof, keys can be countersigned by
other users, somewhere along the line one of the keys should be signed
by someone that you personally know, or some authority that you would
have trusted to check that the person really was who they say they
are.  

Therein lay the letdown with pgp implementations:  Most keys aren't
countersigned by someone else, or by someone else that you'd rely on.
So while you'd be sure that you were conversing with the same person as
last time, you don't know if they claim that they are who they say they
are.  And to be honest, considering how many people do set up their PCs,
you don't even know that.  Too many people will set up their PCs so that
they don't have to provide a passphrase, and anybody using that box can
post as them.

-- 
(Currently running FC4, in case that's important to the thread)

Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.

More information about the fedora-list mailing list