-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
On Saturday 14 February 2015 at 10:05:24 PM, in <mid:54dfc6a4.8070...@mailbox.org>, Stephan Beck wrote: > Well, it's rather a precautionary measure than an > actual security measure, , reminding me of not trusting > the key owner's ability to handle and verify signatures > correctly, if he/she uses a signature no one has the > chance to check because the information about the > public key's location isn't indicated by its owner in > his/her very message. When I check the signature of the first message in this thread (Message-ID: <m0vbj6n3xy....@kcals.intra.maillard.im>), GnuPG fetches Xavier's key from a keyserver. I don't see why information about a public key's location would need to be indicated for a key that is on the keyservers. That said, Xavier's message kludges contain the key-id and fingerprint, as well as a link to the lookup of that key on a keyserver (wwwkeys.pgp.net, which seems to be down at the moment). > I assigned the "I do not trust > him" attribute to the first key he used in a previous > message. > Or was your comment directed to the owner of the key? > Now, I am not quite sure about that... No, I was asking what you meant by "I have assigned your key a non-trust attribute". From your reply, I see you mean Trust setting number 2 "I do NOT trust". On my keyring, my own keys have a 5 "I trust ultimately" and all other keys have the default. (I presume not setting trust on a key is the same as setting 1 "I don't know or won't say".) - -- Best regards MFPA mailto:2014-667rhzu3dc-lists-gro...@riseup.net Oven mitt: A partially charred grease stain that fits over the hand. -----BEGIN PGP SIGNATURE----- iQF8BAEBCgBmBQJU4I2aXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2 QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwOZ4H/RqcwizzvB9sVLp0IpfU+Q9C pt6HtthvYU2Zp0bjA2O3ApAkjbp3zaY7hycKce0gUGTuyE/kg9gym6wU9n0qhLy0 x52fGr67zHyit0NnPnWf1Un/gZFQN/AdtjbNANYu7AAY0KlR8nGBJ7q7ljxx7Ecg IS0TzU5Umk89JDW4ch8ZJA240AjpQDHhyiMYrQu9vcKget0giXBKQuxAE9nX22oY 710G4PXSM8KysoyMABGS+zxXw/7lL5D7DSsYE1XuCJk/rXeXuGLJ+GcJimMpZLUk QisvC384Ya4co+YcCrUYIGbDGqfKj59jz63raqcU6uOWDQu/+z6ae3PWraTLdqKI vgQBFgoAZgUCVOCNp18UgAAAAAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu cGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNBQ0VENEVFOTEzNEVFQkRFNkE4NTA2MTcx MkJDNDYxQUY3NzhFNAAKCRAXErxGGvd45FQrAQC3aO01dRIVTAkh+31Tc1MoN/SU XdoVDu93UaoxN5uWFgEA9EbORCdCTyekswKRSUXbaamDiIO0sNLBAD+1/LEAYQg= =Ybmh -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
