PGP signatures.
Mikkel L. Ellertson
mikkel at infinity-ltd.com
Wed May 28 16:11:07 UTC 2008
Tim wrote:
> Patrick O'Callaghan:
>>> gpg --sign-key <name>
>
> Bill Crawford:
>> --lsign-key, please, unless you have met the person and seen their passport.
>
> A good idea, but could you tell a forged passport apart from a real one?
> I'm sure that I couldn't. Likewise for other forms of ID, I couldn't
> tell a real one from a good fake, and I'd have no way to verify a real
> ID.
>
> Though I seriously doubt that most of use would be using gpg in a way
> that required such a level of personal identify assurance.
>
I started signing my email to the lists when a couple of messages
hit a list with my email address that were not from me. This way, a
forged message stands out because of the lack of signature, or a
because it is signed by a different key.
Mikkel
--
Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20080528/4d122e3e/attachment-0001.sig>
More information about the fedora-list
mailing list