[Announce] new gnupg snapshot

Thu Apr 12 20:59:01 2001

On Fri, 6 Apr 2001, Frank Tobin wrote:

> I'm not clearly seeing why importing a secret key, alone, is any threat.

It isn't. I suspect this was a quick hack to solve the problem -- fixing
the trust issue was probably more complicated.

This isn't a good long-term solution; the way PGP handles trust on
imported secret keys is, in my opinion, the optimal way of doing things.

__

Len Sassaman

Security Architect            |  "God is what mind becomes when
Technology Consultant         |   it has passed beyond the scale
                              |   of our comprehension."
http://sion.quickie.net       |                  --Freeman Dyson