keyserver problems'

[JanuszA.Urbanowicz]

Allie Martin wrote/napisał[a]/schrieb:
> signatures associated. Also, there's no way of verifying a clearsigned
> message without importing the public key of the sender. There are many
> times I wish to verify a message from someone whom I don't frequently
> receive messages. It may be the only message that I receive from the
> particular sender. To verify the signature I have to first import the key
> and then verify the signature. This is recipe for a very cluttered local
> public keyring.

You can't verify the signature regrardless of it being clearsigned or fnot,
without having the sender public key because of way public key crypto
works. Check the math, it is not that complicated. And verifying a signature
without importing the key (if would possible with specifying of separate
key) is incredibly stupid thing because without importing it you can't make
trust calculation which defeats the purpose of the web of trust. See
for example Schneier's Apllied Crypto definition of how it works.

HTH, HAND.

Alex
-- 
Janusz A. Urbanowicz | ALEX3-RIPE | SF-Framling | Thawte Web Of Trust Notary

Gdy daję biednym chleb, nazywają mnie świętym. Gdy pytam, 
dlaczego biedni nie mają chleba, nazywają mnie komunistą. - abp. Helder Camara