On 17/03/15 22:09, Clark Rivard wrote: > I used the "sha1sum" option and got the expected result - does this verify > the integrity adequately?
It's just as good as verifying the signature of a key with short ID 4F25E3B6. As you can soon see elsewhere in this thread, I don't think it practically adds anything. Proper verification of the key requires not relying on the short key ID, or even the long one for that matter. It means you check the fingerprint of the key, which is much longer. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter> _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
