PGP signatures.
Anne Wilson
cannewilson at googlemail.com
Wed May 28 14:56:55 UTC 2008
On Wednesday 28 May 2008 15:42:18 Mike Chambers wrote:
> On Wed, 2008-05-28 at 15:36 +0100, Bill Crawford wrote:
> > 2008/5/28 Patrick O'Callaghan <pocallaghan at gmail.com>:
> > > gpg --sign-key <name>
> >
> > --lsign-key, please, unless you have met the person and seen their
> > passport.
>
> What is mean by "name"? Guess I am clueless to gpg and don't know my
> way around it (viewing man gpg at the moment) and nto sure what to do
> for example, when like someone's signature says invalid from evo on an
> email to the list?
>
Bear in mind that sometimes minor changes can happen on route. I occasionally
see my posts as invalid, yet I can't see anything different about them.
Also, one particular list that I use routinely marks my signatures as
invalid. I know that that particular one is caused by something routinely
added by their server.
As usual, this is risk assessment. If you normally get OK messages from that
person and get the odd invalid one, look at whether there is anything
important, security-wise, and make a decision. If you are getting them all
the time then it may be worth deleting that key and asking the person in
question to send an .asc file direct to you, which can then be imported. At
least you'll know you are checking against a good key.
Just a few ideas :-)
Anne
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20080528/c40b8800/attachment-0001.sig>
More information about the fedora-list
mailing list