Hi, According to "The GNU Privacy Handbook" : « a correspondent's key is validated by personally checking his key's fingerprint » (http://www.gnupg.org/gph/en/manual.html#AEN335) * is it equivalent or less secure to personally check the person's keyid ? * and why do most of people send their fingerprint in their message, since the fingerprint is the thing you want to check personally ?