Semi-off-topic - Netiquette ?
Marc Mutz
Marc.Mutz@uni-bielefeld.de
Tue Jul 17 12:42:01 2001
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tuesday 17 July 2001 11:49, Peter Lavender wrote:
<snip>
> This sounds like what I have been after. I've read the manual and
> have read a web of trust doc somewhere that espouses the virtue of
> having the public key info (my key is already on a keyserver)
> available publicly like in your signature, but what do I put in
> there? Finger print? Key ID? How is that benefical?
<snip>
I don't think that adding your fingerprint to your (mail)
signature/footer is wise. It only leads people to believe it and not
check it properly. Mail can be faked very easily. Even signing doesn't
help here, because the peer can't be sure that there wasn't someone on
the way that substituted the fingerprint and ID on the way and signed
the mail it himself after removing yours.
The best way to distribute your public key is to upload it to the
keyservers and always sign all your messages. This shows people that
you not only own a PGP key, but that you also use it actively.
Marc
- --
Marc Mutz <Marc@Mutz.com>
http://marc.mutz.com/
http://www.mathematik.uni-bielefeld.de/~mmutz/
http://EncryptionHOWTO.sourceforge.net/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE7VE5b3oWD+L2/6DgRAnJKAKDA8IicZxo8WV+ywQsZsTOY8gO73QCcCC51
VP7YSQkCdPIC/IS/T6i6gsk=
=cRO2
-----END PGP SIGNATURE-----