signing a robot's key - was: Re: Global Directory signatures
Atom 'Smasher'
atom at suspicious.org
Thu Dec 30 06:17:54 CET 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Wed, 29 Dec 2004, Jason Harris wrote:
> Good luck. Each person who signed 0xCA57AD7C and uploaded their
> signature for others to use:
>
> http://keyserver.kjsl.com:11371/pks/lookup?op=vindex&search=0xCA57AD7C
================
YIKES!!
why on earth would anyone sign this key? the UID identifies the key as
belonging to "PGP Global Directory Verification Key"... can anyone prove
ownership of that key? has the owner of that key been going to key signing
parties all over the world?
the key has >250 signatures ranging from 0x10 - 0x13! can anyone explain
to me why they signed this key, and how they verified that the key
*really* is the "PGP Global Directory Verification Key"?
unless someone can explain to me why they had a good reason for signing
this key i'm tempted to include everyone who signed it in my "untrusted
signers" list. signing a robot's key seems to violate every good practice
of responsible keysigning.
- --
...atom
_________________________________________
PGP key - http://atom.smasher.org/pgp.txt
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
-------------------------------------------------
Where is Lee Harvey Oswald now that we really need him?
-- Bumper Sticker
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (FreeBSD)
Comment: What is this gibberish?
Comment: http://atom.smasher.org/links/#digital_signatures
iQEcBAEBCAAGBQJB04+HAAoJEAx/d+cTpVciYRkH/2H1GZo00MV+Mx+Aeat00fe4
I8ZIbiQJpjgsSAH11aNxFJ45t8ytOs1kPCJb9KFQ85p3MPdrwblL0yOVGPbeFO72
lsmYzzS6drAgK56WmjFsRj8Ym/9Uw1WIl4lxovxRPjTK4034+pxfJw6NQINH36z6
lNvJPZVKb5DXR2LtDr4z+gKtbLtBARJG/unh2IpEbzt1p8mJaOtXLQOrnMkPySOY
t2OWyIWh+PXvi5f2/PG2m1fhF4FxzkT3ufX4Fsrj3kgZCPpRr03ZKSNtF6soCmpA
3YbVg9DejOVK8E8hw1uhDW+XpS8lZU46i6qpmKSZ7+rG91U93OlOTG7yJlBZso8=
=Rx/K
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list