laying groundwork for an eventual migration away from SHA1 with gpg
Robert J. Hansen
rjh at sixdemonbag.org
Thu May 21 15:09:29 CEST 2009
Nicholas Cole wrote:
> I've never quite understood "Key Signing Parties" for this reason.
The reason is at least half social. It's a good excuse to get out of
the house and meet other people who have a shared interest.
For the most part, people at keysigning parties do not follow very good
document protocol -- if someone presented me with, say, an Arkansas
driver's license, I've never seen an Arkansas driver's license before,
so how could I know what one looks like or what security features to
look for?
Passports are far better and easier to check -- if I want to know what
to look for to make sure a passport is real, I just visit the website of
the issuing government.
More information about the Gnupg-devel
mailing list