Key signing without a fingerprint?
Marc Mutz
mutz@kde.org
Tue Feb 12 22:07:01 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wednesday 30 January 2002 21:21, Ingo Kl=F6cker wrote:
<snip>
> > Would you consider this sufficient security for signing a key?
> Yes and no.
<snip>
> No, because you should still check if he really controls the email
> addresses he claims to control before you sign his user ids.
<snip>
A protocol for this can be obtained from here:
http://www.mathematik.uni-bielefeld.de/~mmutz/sign-policy.html
Marc
- --=20
Marc Mutz <mutz@kde.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8aYM93oWD+L2/6DgRAoOlAJwKQjAiUCvBdnDLVC+7ycdHWzDzPQCgiaPQ
f52gmkRbOjovs6nWFXdJLgU=3D
=3DcY8k
-----END PGP SIGNATURE-----