Philippe Cerfon wrote: > But now that you say it. Would it be "better" to not just check other > keys via their fingerprint, but to really copy them (e.g. per > USB-stick) from their owners and sign only such direct copies?
No. Sharing media is a great way to spread malware. Don't do that to your friends. Use the keyserver network. SHA-1 is in trouble, but it's not dead yet, and regular users should not be worried about it. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
