On Fri, Jul 30, 1999 at 11:41:37AM -0500, Manoj Srivastava wrote:
/*
* keeping -mentors for this message only, replies are likely to get even
* more off-charter for that group, so don't reply there. Note I'm not
* subscribed to -user, however...
*/
> Yes, though now that you point it
On Fri, Jul 30, 1999 at 08:32:23AM -0500, Jor-el wrote:
> Scenery is here, wish you were beautiful.
wish you were a little less (not much though) paranoid.. =p
> Actually, there could be a possible reason for this if the
> rejection criteria applied by the new-maintainers group is applied
Scenery is here, wish you were beautiful.
On Fri, 30 Jul 1999, Joseph Carter wrote:
> On Fri, Jul 30, 1999 at 01:29:35AM -0500, Manoj Srivastava wrote:
> > Brian> You need to be sure that you are signing the *correct* public
> > Brian> key, and not just any public key that happened to be crea
Hi,
[cross posted to debian-user, since this has gone beyond the
charter of the -mentor list] ;-)
>>"Joseph" == Joseph Carter <[EMAIL PROTECTED]> writes:
>>"Brian" == Brian May <[EMAIL PROTECTED]> writes:
Brian> So we agree. You wouldn't sign the key without checking the
Brian> f
Hi,
>>"Brian" == Brian May <[EMAIL PROTECTED]> writes:
Brian> So we agree. You wouldn't sign the key without checking the
Brian> fingerprint first. The idea being, if the fingerprint matches,
Brian> then John Smith must have the matching private key (and not
Brian> somebody else).
Yes
On Fri, Jul 30, 1999 at 01:29:35AM -0500, Manoj Srivastava wrote:
> Brian> You need to be sure that you are signing the *correct* public
> Brian> key, and not just any public key that happened to be created
> Brian> with "John Smith"'s id (which is publicly known).
>
> When I sign a key
On Fri, Jul 30, 1999 at 01:29:35AM -0500, Manoj Srivastava wrote:
> This is quite confused. The fingerprint is of the public key
> (or else how do you check it? No one should be giving anyone a look
> at the private key at all).
Thats exactly what I meant.
> I think you are miss
Hi,
>>"Brian" == Brian May <[EMAIL PROTECTED]> writes:
Brian> You need to be sure that you are signing the *correct* public
Brian> key, and not just any public key that happened to be created
Brian> with "John Smith"'s id (which is publicly known).
When I sign a key, I have am standing
On Thu, Jul 29, 1999 at 01:58:15AM -0500, Manoj Srivastava wrote:
> Buddha> It seems that there is a missing step -- verification that I
> Buddha> know "John Smith"'s private key. Without that, you are
>
> How can you know someone's private key? (A nit: In any case,
> you don't sign a
Hi,
>>"Buddha" == Buddha Buck <[EMAIL PROTECTED]> writes:
Buddha> I have the ability to generate the fingerprint on any key that I have
Buddha> available to me. Therefore, if I had a public key created and signed
Buddha> by "John Smith", I could in fact generate the fingerprint for that key.
On Wed, 28 Jul 1999, Jor-el wrote:
> Maybe I am being unusually dense here, but what proof did you see
> that the [EMAIL PROTECTED] id actually belonged to me? For all you know, it
> could be the id used by Bill Gates himself, with my name tagged onto it.
> Unless you look up my ISP records,
-BEGIN PGP SIGNED MESSAGE-
Adam,
Your statements seem to be based on the assumption that Debian
communication is the sum total of my email. Not true. I indeed use
procmail, and have done so for quite sometime now, and I even venture to
suggest that I might be able to teach you a t
-BEGIN PGP SIGNED MESSAGE-
Send your questions to ``ASK ZIPPY'', Box 40474, San Francisco, CA
94140, USA
On Wed, 28 Jul 1999, Adam Rogoyski wrote:
> On Tue, 27 Jul 1999, Jor-el wrote:
>
> > Hi,
> >
> > I recently had a developer sign my PGP key, but I havent yet
> > resolved in m
>
>You are missing the point here. I met you, learned by Government
> issued ID that you are, infact, Kenneth Stephen, which is the name that
> appears on the pgp key who's fingerprint you gave me at our meeting. Upon
> retrieving your actual public key and verifying the fingerprint, I know
On Tue, 27 Jul 1999, Jor-el wrote:
> Hi,
>
> I recently had a developer sign my PGP key, but I havent yet
> resolved in my own mind some of the points he brought up.
>
> I use two email ids : this one (Jor-el <[EMAIL PROTECTED]>) and
> another one which uses my real name, and which f
On Tue, 27 Jul 1999, Jor-el wrote:
> 3. As I pointed out in my email, if the developer in question
> wasnt sure that the email id of Jor-el belonged to me, then he wouldnt be
> able to sign the following id too : "Bob Smith" <[EMAIL PROTECTED]>. This is
> so ridiculous, becuase it is perfec
On Tue, Jul 27, 1999 at 04:14:12PM -0500, Jor-el wrote:
> > You want someone to correspond with you regarding some serious things
> > without you letting him know your real name?
>
> 1. The developer in question _does_ know my real name.
>
> 2. If you are talking about someone who ha
Josip,
1. The developer in question _does_ know my real name.
2. If you are talking about someone who hasnt met me in real
life, even assuming that I use my "Bob Smith" id, how in heavens name will
they know that it is my real name? They have to trust the fact that there
was a t
On Tue, Jul 27, 1999 at 01:00:04PM -0500, Jor-el wrote:
> 1. Should he have signed my PGP key if the id I sent him was "Bob Smith"
> <[EMAIL PROTECTED]> . The "Bob Smith" tag is totally arbitrary and has less
> permanance than the actual email id attached to it. If he could sign it
> with the "Bob
[EMAIL PROTECTED]
Subject: PGP and verifying ids / emails
Hi,
I recently had a developer sign my PGP key, but I havent yet
resolved in my own mind some of the points he brought up.
I use two email ids : this one (Jor-el <[EMAIL PROTECTED]>) and
another one which uses my real nam
20 matches
Mail list logo
