gpg --recv-key option
Kevin D. Knerr, Sr.
Sat, 25 Mar 2000 09:25:16 -0500 (EST)
On 24 Mar, Frank Tobin wrote:
> Marius Strom, at 16:29 -0600 on Fri, 24 Mar 2000, wrote:
>> Imagine if your name is "Bob Smith", a very common name I'm sure. gpg
>> --recv-key --keyserver whatever Bob Smith would download a HUGE chunk of
>> keys. That just wouldn't be right.
> It is not wrong. GnuPG could very easily handle this. The standard
> keyservers don't seem return a keyblock for non-ID searches; they return a
> list of possible keys, describing their size, hexID, user ids, etc.
> GnuPG would then present these user ID's to the user, and then the user
> would select which hexID(s) to download. There is no need to get every
> match for "Bob Smith".
>> I think it is good to go the the pgp.mit.edu key search, search for your
>> friend Bob Smith, then snag his key by HexID.
> How does this solve the issue? How do you know which Bob Smith to choose?
Seems to me that Frank has put his virtual finger on the crux of the
issue: How *do* you know which to choose? Even if GnuPG presented the
possible matches to the user, the only thing that's gained is not
hopping to the web browser.
>From a practical standpoint, it seems that the easiest way to handle the
transaction is to have Bob Smith send you a signed email. When you (or
your email program) verify the signature, you will get the correct key
from the keyserver, which you can then use for future communications.
If nothing else, my keyring is being filled with keys in this manner ...
firstname.lastname@example.org | http://geocities.com/Area51/Shire/4063
Organization: The Pennswald Group -- Linux powered!!
gpg fingerprint: 8D3F 4BFF D36B BFCC FEE5 86A0 2AAF D3DA C395 641E
Of course, America had often been discovered before Columbus,
but it had always been hushed up. - Oscar Wilde