key-signing and stolen subkeys
dgc at uchicago.edu
Mon May 24 06:49:56 CEST 2004
* On 2004.05.23, in <Pine.BSD.4.58L0.0405231823100.55001 at erfrnepu.fhfcvpvbhf.bet>,
* "Atom 'Smasher'" <atom at suspicious.org> wrote:
> i wouldn't expect ~you~ to fall for this trick... but someone who is new
> to pgp and doesn't fully understand public key crypto can be tricked into
> using this broken keysigning protocol:
Someone who's that green can be tricked, misguided, or can himself
stumble into a lot of bad behaviors. If you try to address them all in
documentation, as in software, you wind up with a cumbersome mass that
doesn't suit the needs of some other set of users as well as it could.
Perhaps a note concerning how to go about a key signing belongs in
some kind of beginner material, but such a note should focus more on
describing good procedure more than on admonishing against bad. There
are always many more bad procedures.
-D. dgc at uchicago.edu NSIT::ENSS
No money, no book. No book, no study. No study, no pass.
No pass, no graduate. No graduate, no job. No job, no money.
T h e U n i v e r s i t y o f C h i c a g o
More information about the Gnupg-users