[ Date Index ][
Thread Index ]
[ <= Previous by date / thread ] [ Next by date / thread => ]
On Wed, 5 Nov 2003 22:25:21 +0000
Neil Williams <linux@xxxxxxxxxxxxxx> wrote:
Hello Neil,
> > I always worry about auto key retrieval; Certainly, for most
> > things, it's fine, but when dealing with truly sensitive data, proof
> That is true, however, by retrieving the key from a keyserver you
> aren't validating the key, only the signature made by the key. To
Phew! A long reply. Not what I was expecting, at all. :-)
I was expecting something along the lines of "Don't be so up-tight".
Well, alright, I was expecting "Don't be an ass". :-)
I already understood a great deal of what you wrote, and obviously,
without proving someone's identity, I'd never sign their key, anyway.
I've rarely used PGP "in anger", and when I have, we had to jump through
hoops to get keys validated, since the likelihood of meeting up was
non-existent, due to the fact I live in the UK, and some of the other
people lived as far apart as New Zealand, South Africa, and Sweden.
--
Regards _
/ ) "The blindingly obvious is
/ _)rad never immediately apparent"
--
The Mailing List for the Devon & Cornwall LUG
Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the
message body to unsubscribe.