re. Moving from PGP to GnuPG and other questions ...

Doug Barton DougB at dougbarton.net
Fri Apr 30 02:02:23 CEST 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Another way to approach this is to sign the key, then encrypt it with
itself and mail it to the address specified in the identity. This
accomplishes verification that the e-mail address is valid, verification
that the person at the other end has control of the secret key, and puts
the responsibility of uploading the signed key on them.

This method gets a little cumbersome if the person has multiple
identities on the same key, but in that situation I generally just sign
each identity individually and mail that version of the signed key to
that e-mail address.

HTH,

Doug

- --
    If you're never wrong, you're not trying hard enough
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (MingW32)

iD4DBQFAkZePyIakK9Wy8PsRAv6iAJjCND0LG6/xBcazQDF9HpyyttBiAKDyYKjg
J0PYQKl7sTFRmUDZKKyMrw==
=u9DE
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list