Mathieu Roy <[EMAIL PROTECTED]>: > But to avoid any delicate issue in the future, if I were you, if would > ask him to confirm with a gpg signed email the license change (just an > email is something easy to fake).
Getting him to sign the e-mail with his own key won't help much in the case of him later claiming that the e-mail isn't genuine: he could at any time "accidently" publish his secret key and revoke it; now anyone can fake the e-mail. A better solution is to do everything in public so that there are lots of witnesses. > In some countries, it's accepted as > a valid proof of the origin of the email. A signature made with a secret key that was published on Usenet can hardly be a valid proof of anything. Edmund
