su. den 21. 02. 2016 klokka 00.34 (+0000) skreiv Patrick O'Callaghan: > On Sat, 2016-02-20 at 23:49 +0100, Rudolf Künzli wrote: > > > My key weren't confirmed in my sent messages before I trusted my > > own > > > key. So I guess that's what other people that trust me have to do > > > too. > > > > IMHO your public key should be attached/sent with your signature. In > > that case I could store your public key on my system (evolution) and > > use it directly to encrypt my messages sent to you. > > Naturally I could > > search on gpg.mit.edu, but getting the public key directly would make > > my life more easy! > > This is not the way it's supposed to work. If I don't check the public > key is trusted, why should I believe a message signed with it? Simply > picking up the key with the message is tantamount to doing nothing. I > must either know the key beforehand (i.e. I have it in my keyring) or I > fetch it from a public server and check who vouches for it. > > poc
That's what I thought too. Like my friend and I. We physically checked each other's fingerprints too. We know who we are and who the key belongs too. So of course we sign it and trust it. And thanks, by the way, for your answers and help. I've learned a lot since I got here. Regards, Stig _______________________________________________ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list
