[Announce] new gnupg snapshot
Stefan Bellon
sbellon@sbellon.de
Sat Apr 7 15:58:10 2001
In article
<Pine.LNX.4.20.0104070857530.26810-100000@jackie.bellatlantic.net>,
RJ Marquette <rj@rmarq.pair.com> wrote:
> On Sat, 7 Apr 2001, Stefan Bellon wrote:
[snip]
> > So, I don't see any problem here. New users just _try_ things. So
> > they'll try to import as usual and then come across this message.
> > Not even a need to consult a man page, methinks.
> Still, I forsee a FAQ on this.
Could be, yes.
> Also, I'm not clear on how using this option prevents the attack. So,
> instead of doing it in one step, I do it in two... RJ <G> :)
Well, it can't happen without the user noticing it anymore. Till now
you could import a bunch of public keys and this didn't prevent
importing of a secret key hidden amongst them. Now you see that there's
somebody trying to feed you with a secret key. You can of course import
it (in a second go with the --allow-secret-key-import switch), but it
doesn't work without you noticing it.
Greetings,
Stefan.
--
Stefan Bellon * <mailto:sbellon@sbellon.de> * <http://www.sbellon.de/>
PGP 2.6 and GnuPG (OpenPGP) keys available from my home page
Never get between a programmer and the coffee machine