On Mon, Feb 28, 2011 at 11:58:02AM -0500, Robert J. Hansen wrote: > On 2/28/11 10:13 AM, Aaron Toponce wrote: > > If a key has falsified signatures, it should be easy enough to find out. > > Why? > > I have never understood the tendency of people, particularly on this > list, to assume that people who are technologically skilled and up to no > good will not devote more than thirty seconds to coming up with > effective methods of skulduggery.
Because all the signatures on the key will be falsified, that can be verified by recursively extracing the signature keys from the keyservers, and examining their signatures. Oh hey, look. The keys are isolate from the rest of the world. Hmm. -- . o . o . o . . o o . . . o . . . o . o o o . o . o o . . o o o o . o . . o o o o . o o o
signature.asc
Description: Digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
