Delete key from keyserver

B. Kuestner kuestner at
Mon Oct 24 20:41:02 CEST 2005

> If anything needs to change it is that the documentation

I can more and more see that thanks to everybody's willingness on  
this list to explain.

> That is exactly my point, NOBODY should rely on ANY of that  
> information to
> identify a key. The only identifier for a key is the fingerprint.

And documentation should be part of the whole process. There is so  
much to understand about private and public and passphrase and UID  
and e-mail access and fingerprint and web of trust and delete/revoke/ 
disable and ...

It will take some serious effort to make this practical for average Joe.

By the way, I do work in IT with a bunch of Sun boxes and databases,  
just never dove into mail encryption until recently. Now if I mess up  
so badly, then average Joe will, too. Or maybe not, because he or she  
will give up before that. And he wouldn't look for hidden config  
directories to delete them from the command line.

> Do NOT trust the UID until you can trust the fingerprint. If you  
> don't have
> verification of the fingerprint, you cannot trust the key - at all.  
> Zip.
> Zero.

I will suggest to the MacGPG team, that such clear information is  
also added into the software process, not just a help file. Again, it  
is great software and there's plenty room from 0.3 to 1.0 for such  
usability fixes.


More information about the Gnupg-users mailing list