On Thu, 3 Oct 2002 15:17, Ben Burton wrote: > > so you have to do > > gpg --edit-key <email-address> > > Command> sign > > Command> trust > > Command> save > > No! You should only ever sign a key if you can be sure the key belongs to > the person who claims to own it. This generally means you have received > the key (or its fingerprint) through a non-electronic medium - such as in > person on a slip of paper - and you have verified the identify of its > owner, such as by checking a drivers' license or passport.
I was under the impression that the original message was about your own key, which you should sign (keys that aren't self-signed are worthless). Presumably you don't need to look at your own drivers' license. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page
