Please test :)
Marcus Brinkmann
marcus.brinkmann at ruhr-uni-bochum.de
Mon Aug 17 20:17:05 CEST 2009
David Shaw wrote:
> There is also a check-cert / no-check-cert option to enable checking or
> not. It's actually a bit of a question whether the default should be to
> check or not to check (it's currently defaulting to check). Usually,
> you'd want to check by default, but in the case of OpenPGP keys, the
> keys are not validated by the keyserver anyway.
Protecting the channel is important if for example replay attacks are a
concern, and you want to avoid a man in the middle providing out of date keys
and suppressing revoke certificates.
Thanks,
Marcus
More information about the Gnupg-devel
mailing list