Diego, I'm afraid this doesn't work because at the beginning I need to have both the private and public key in order to carry out operations in RIPE database. I don't see a difference if he generates the key pair, uploads the ASCII armored public key to RIPE public database and then has to send the private key and password protecting the private key to me.
regards, Martin 2013/8/2, NdK <ndk.cla...@gmail.com>: > Il 02/08/2013 12:51, Martin T ha scritto: > > [...] >> shipping the USB memory stick. Better ideas? > It's a wrong thing from the start. > Let the user generate his key pair. Get his pubkey in a secure way > (maybe for you it's enough if he sends you a snail mail hand-signed w/ > the key hash) and send it to RIPE (maybe signed by your key). > > If you have the secret key at any point in time, it's always doubtful > who signed something. > > BYtE, > Diego. > _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
