Hi everyone,
I'm new to GnuPG. I'm trying to install it for MacOSX, and I have a
beginner's question.
***Do I need to verify more information about the validity of GnuPG if:
1.) The SHA-256 checksum on my Mac's Terminal matches the one on
SourceForge where the Mac installer (.dmg) file is?
2.)
> - The trust in the correspondent's public key is established only
> by comparing the key fingerprint derived programmatically from the
> locally stored key-file and a copy independently obtained from
> the owner. The only identification of a public key is its fingerprint.
> Since the public key i
Robert J. Hansen wrote:
> > - The trust in the correspondent's public key is established only
> > by comparing the key fingerprint derived programmatically from the
> > locally stored key-file and a copy independently obtained from
> > the owner. The only identification of a public key is its
> >
On 2020-05-23 at 12:30 -0400, Robert J. Hansen wrote:
> > - The trust in the correspondent's public key is established only
> > by comparing the key fingerprint derived programmatically from the
> > locally stored key-file and a copy independently obtained from
> > the owner. The only identificatio
> I see a big hole in the validation part. The steps providex are
> validating the offline identity but not matching it to the certificate
> uid.
Correct, and that's by design.
There is no -- *NO* -- generally understood meaning for user IDs beyond
"the name here is a meaningful term of address f
I'm sure this is a pretty stupid question but I'm trying to figure out
which files I need to backup to safeguard my keys. All the docs I have
seen so far are for the older versions of GNUPG before it changed the
format of the keys.
Anyway what files (and/or folders) should I be backing up to a
