David Shaw wrote:
> On Sat, May 21, 2005 at 10:53:12AM -0500, Alex L. Mauer wrote:
> There are several reasons why it is a good idea for keyservers to
> store multiple signatures, but the main one is that they do not
> currently have any crypto code to actually verify the signatures.
> Without the
On Fri, 20 May 2005, Neil Williams wrote:
Why is a new signature (of either type) more important than an old one?
=
in many respects, a new self-sig is meant to replace and supersede an
older self-sig, not augment it. although it can be argued that old
self-sigs serve a h
On Sat, May 21, 2005 at 05:36:37PM -0500, Richard Laager wrote:
> On Sat, 2005-05-21 at 18:25 -0400, David Shaw wrote:
> > A revoked signature similarly is deleted, and takes out
> > the superceded signatures with it.
>
> You'd leave the signature revocation though, right? That way if the
> revoke
On Sat, 2005-05-21 at 18:25 -0400, David Shaw wrote:
> A revoked signature similarly is deleted, and takes out
> the superceded signatures with it.
You'd leave the signature revocation though, right? That way if the
revoked signature was imported from another source that didn't have the
signature
On Sat, May 21, 2005 at 10:53:12AM -0500, Alex L. Mauer wrote:
> On the other hand, if the signature has expired, since it becomes
> meaningless there's no reason to keep it. Look at the PGP Global
> Directory key for an example of where this could become a problem.
> It re-signs the keys every t
On Sat, May 21, 2005 at 08:32:34PM +0100, Neil Williams wrote:
> On Saturday 21 May 2005 4:53 pm, Alex L. Mauer wrote:
> > Yep, I understand the purposes of key signatures. But (unlike with your
> > bag/tie analogy), two signatures from the same key don't make a key
> > twice as valid.
>
> If t
On Saturday 21 May 2005 4:53 pm, Alex L. Mauer wrote:
> Yep, I understand the purposes of key signatures. But (unlike with your
> bag/tie analogy), two signatures from the same key don't make a key
> twice as valid.
If the signature expired, the new signature is needed. However, the *expired*
Yep, I understand the purposes of key signatures. But (unlike with your
bag/tie analogy), two signatures from the same key don't make a key
twice as valid. If only the most recent one is kept, that should be
sufficient. If you add a new uid, only that uid needs to be signed,
there's no need to
On Friday 20 May 2005 7:50 pm, Alex Mauer wrote:
> Neil Williams wrote:
> > Keyservers don't delete signatures so every time you self-sign, it
> > remains on the keyserver. Deleting the signature once a key has been sent
> > to a keyserver is pointless because refreshing the key will always import
Neil Williams wrote:
> Keyservers don't delete signatures so every time you self-sign, it remains on
> the keyserver. Deleting the signature once a key has been sent to a keyserver
> is pointless because refreshing the key will always import all the old
> signatures.
>
What's the reasoning be
Matthew East wrote:
> Hello,
>
> I am a relative newcomer to the world of GPG and I seek some
> help on a couple of problems I have.
>
> First, when searching for keys on keyservers (i've tried the
> one supplied by default with gpg as well as pgp.mit.edu) using
> the "gpg --search-keys" command
On Tuesday 03 May 2005 4:06 am, Matthew East wrote:
First, when searching for keys on keyservers (i've tried the one
supplied by default with gpg as well as pgp.mit.edu) using the "gpg
--search-keys" command, it just sits there for ages without doing
anything.
What command are you using? Search by
On Tuesday 03 May 2005 4:06 am, Matthew East wrote:
> First, when searching for keys on keyservers (i've tried the one
> supplied by default with gpg as well as pgp.mit.edu) using the "gpg
> --search-keys" command, it just sits there for ages without doing
> anything.
What command are you using? S
Hello,
I am a relative newcomer to the world of GPG and I seek some help on a
couple of problems I have.
First, when searching for keys on keyservers (i've tried the one
supplied by default with gpg as well as pgp.mit.edu) using the "gpg
--search-keys" command, it just sits there for ages without
14 matches
Mail list logo
