print and ID separately
> then, in order to verify control of email address and private key, send the
> signed ID encrypted to the provided email address.
>
>
>
> On Wed, Nov 13, 2013 at 11:49 AM, Phil Calvin wrote:
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I seem to recall reading somewhere that when exchanging keys in
person, you should not only have the person verify the key
fingerprint, but you should also present them with 1) an unpredictable
challenge document to sign or 2) verify that they can decr
