Re: "Certify" only master key

2013-07-31 Thread Daniel Kahn Gillmor
On 07/30/2013 07:10 PM, atair wrote: > What is the advantage of having a certify+sign master key? Note that if you have access to the secret key material of the primary key in an OpenPGP certificate (what you're calling the "master key"), there is nothing stopping you from reissuing the certifi

Successful experiment boosting the number of users using OpenPGP verification for file download

2013-07-31 Thread adrelanos
Hi! I hope you are interested in the results of a little experiment. Q: How many users downloaded OpenPGP signatures with the old design of download page? (You can see the design here: [1] [2]) A: 1 in ~30 users. Q: How many users downloaded OpenPGP signatures after adding a colored download ta

gpg use in Debian popcon

2013-07-31 Thread Bill Allombert
Dear GnuPG people, I am the maintainer of Debian popularity-contest I would like to encrypt reports with a public key provided by the package before sending them. Currently I am using the following invocation: (Currently gpg used is 1.4.12) gpg --no-default-keyring --k

Re: gpg use in Debian popcon

2013-07-31 Thread Daniel Kahn Gillmor
hi Bill-- On 07/31/2013 07:51 AM, Bill Allombert wrote: > I am the maintainer of Debian popularity-contest > thank you! > 1) This creates spurious empty files in /root/.gnupg Maybe you want the --no-options flag? --no-options Shortcut for --options /dev/null. T