[Announce] new gnupg snapshot

Frank Tobin ftobin@uiuc.edu
Sat Apr 7 19:54:09 2001

RJ Marquette, at 11:50 -0400 on Sat, 7 Apr 2001, wrote:

    > Well, it can't happen without the user noticing it anymore. Till now
    > you could import a bunch of public keys and this didn't prevent
    > importing of a secret key hidden amongst them. Now you see that
    > there's somebody trying to feed you with a secret key. You can of
    > course import it (in a second go with the --allow-secret-key-import
    > switch), but it doesn't work without you noticing it.

Aargh, noone has yet said why importing a secret key is bad, and should be
limited in any way.

They have talked about why importing trust is bad, but importing trust !=
importing a secret key.

Frank Tobin		http://www.uiuc.edu/~ftobin/