-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 snowcrash+gnupg-users wrote:
> that said, is there any reason NOT to (or, any advantage to ...): > > *l*sign "B" with "A", and, therefore, NOT distribute "A" to the > keyservers &/or via export -- and, instead, reference the "A" > trust-ing-pubkey @ a web page? There is somewhat constant debate over the best method. Many believe that Email addresses are 'harvested' from the Servers by bots intent on increasing the Spammers database. Many others argue that they haven't been affected by /increased/ Spam and not publishing to the Servers negates the ability to Verify a Sig from a Key not currently existing on the recipients Keyring. When the Key is on the Servers the 'automatic' Key Retrieval options in GnuPG & PGP handle this situation quite nicely. I use both methods. JOHN :-\ Timestamp: Sunday 28 Jan 2007, 14:49 --500 (Eastern Standard Time) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7-svn4405: (MingW32) Comment: Public Key at: http://tinyurl.com/8cpho Comment: Gossamer Spider Web of Trust: http://www.gswot.org Comment: My Homepage: http://tinyurl.com/yzhbhx iQEcBAEBCgAGBQJFvP5ZAAoJEBCGy9eAtCsP3FIH/16WFiom1EAzMTLiowr5XjDP U5DRnqLNnVDhpGZQeSl6N+F95fN9Y5IP12+WrHDXhmrEI4SERJvk7y/TPwG78D55 W2hrgjnp8I5ibRUfzIEkOoxadOz8vrMi3yg1AyPwpYXNBknewg0BhEpwYGfZqX/8 80kNIg00VsW9+y4CZogzsRSC6KryCUQxgHdiFquyret/gmyj3e6+nyc3zQKQP38J jzhel0LyLx05CUBeKc4VsBmNwLuCKu4kGON2liS8Rm2wAFnJzmKehLsYbEgkeduq xiTPcUkjHTojJ+tVkYnf8F00Hwc3Kzb99+FSZ0abRazXQf9fV4bhkDVSZRL1dGg= =gEkF -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
