Re: Kmail and gpg
On Thu, 3 Oct 2002 15:17, Ben Burton wrote:
> > so you have to do
> > gpg --edit-key <email-address>
> > Command> sign
> > Command> trust
> > Command> save
>
> No! You should only ever sign a key if you can be sure the key belongs to
> the person who claims to own it. This generally means you have received
> the key (or its fingerprint) through a non-electronic medium - such as in
> person on a slip of paper - and you have verified the identify of its
> owner, such as by checking a drivers' license or passport.
I was under the impression that the original message was about your own key,
which you should sign (keys that aren't self-signed are worthless).
Presumably you don't need to look at your own drivers' license.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
Reply to: