On Mon, Oct 8, 2012 at 7:36 AM, Branko Čibej <[email protected]> wrote:
> What guarantee do you have that a particular Skype ID is whoever you
> think it is? None at all, unless the person involved looked at your
> Skype contact list and said, yeah, that's me. Likewise for Google
> Hangout. As long as they're doing that, they might as well verify the
> signature fingerprint in your PGP keyring.
>
> In this respect e-mail is just as secure, so why don't we all just sign
> keys because someone claiming to be from from Chad sent us a mail asking
> us for a signature?
>
> Really.
Is it your position that this excerpt from the GnuPG docs is wrong?
This may be done in person or over the phone or through any other
means as long as you can guarantee that you are communicating with
the key's true owner.
Marvin Humphrey
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
