I'm really enjoying GnuPG, especially the auto-fetch feature for unknown
keys (which never worked for me in PGP). As I accumulate public keys, I'd
like to lsign the keys (--lsign-key cmdarg) to remove that little warning.
Unfortunately, there's no good way to authenticate the key.
What do you guys do? Put up with the warning? Sign the key even if you're
not sure? Use the X-PGP-Fingerprint header as a second validation? Use
fingerprints in signatures?
We should have a little poll. :-)
Thanks,
js.
--
Jean-Sebastien Morisset, Sr. UNIX Administrator <[EMAIL PROTECTED]>
Personal Homepage <http://jsmoriss.mvlan.net/>
This is Linux Country. On a quiet night you can hear Windows NT reboot!
---------------- please pgp encrypt all correspondence ----------------
PGP signature
