Sun Mar 2 21:38:02 2003
-----BEGIN PGP SIGNED MESSAGE-----
Am Sonntag, 2. M=E4rz 2003 20:01 schrieb Per Tunedal:
> At 18:27 2003-03-02 +0100, you wrote:
> >Am Sonntag, 2. M=E4rz 2003 13:43 schrieb Per Tunedal:
> >> Hi Peter,
> >> At 21:37 2003-03-02 +1100, Peter Lavender wrote:
> >> >Hi Everyone,
> >> >
> >> >As I currently understand it, the idea is to get my own key signe=
> >> >others. Once my key is signed by someone else, they export it
> >> They may export the signed key to a keyserver and anyone updating t=
> >> key from the keyserver will learn about the new signatures. You may
> >> download your own key with the new signatures from the keyserver as
> >> welll.
> >IMHO the signer should send the signed key to the owner and let the o=
> >decide if he wants the signatuer or not.
> >After a key signing party you may get a lot of signatures and the key
> > owner should decide wich signatures he will accept and upload.
> >Best regards
> Unfortunately the key owner cannot decide on what signatures to "accept=
> anyone can sign a key and anyone can send the signed key to a key serve=
You are right. It's unfortunately not possible to hinder somebody to sign=
key and updateing a key-server.
I someone signs my key, sends it back to me then I can decide to ignore t=
signing or to import it into my keyring and send it to the keyserver myse=
I think it's a question of courtesy not to send foreign keys directly to =
> It's up to you to decide which signatures to trust. If a key that is ne=
> you is signed by several others you might be lucky to find it signed by
> someone you trust. That's the WOT.
> Per Tunedal
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
-----END PGP SIGNATURE-----