Digital signatures
Tim
ignored_mailbox at yahoo.com.au
Fri Jul 13 06:23:26 UTC 2007
David Boles:
>>> There is a better chance of me being 'me' than there is of you being
>>> 'you'. ;-)
Tim:
>> Only on a personal verification level. ;-)
David Boles:
> Really?
In that *you* know that you are you.
> I sign my emails with a verifiable signature. You sign yours with
> what?
But verifiable against what?
gpg: armor header: Version: GnuPG v1.4.7 (MingW32)
gpg: Signature made Fri 13 Jul 2007 14:04:22 CST using DSA key ID 8D57E101
gpg: using PGP trust model
gpg: Good signature from "David Boles <dgboles at gmail.com>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 6947 D60B 79D9 059E 405F 4084 00ED 3034 8D57 E101
gpg: textmode signature, digest algorithm SHA1
NB: I am playing devil's advocate, here. I hope that's obvious. I
have looked very closely at the model that PGP uses over the years.
This "he says he is who claims to be" / "trust me" issue is a core
problem.
--
[tim at bigblack ~]$ rm -rfd /*^H^H^H^H^H^H^H^H^H^Huname -ipr
2.6.21-1.3228.fc7 i686 i386
Using FC 4, 5, 6 & 7, plus CentOS 5. Today, it's FC7.
Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.
More information about the fedora-list
mailing list