Keysigning challenge policies/procedures

Michael Kallas michael.kallas at
Sat Jul 8 18:01:54 CEST 2006

David Shaw schrieb:
> I've been away on vacation and only picked up this thread now.  This
> statement is not correct.  Back in the PGP 2.x days, this might have
> been true, but with OpenPGP, there is no particular requirement that
> the ability to sign and the ability to decrypt are connected.  You can
> have a shared key with separate capabilities.
> Sending an signed key via encrypted mail does not ensure anything
> about the key owner.
Why not?
Sorry, this conclusion was too fast for me, could you please explain a
little bit?

Best wishes

Nobody can save your freedom but YOU -
become a fellow of the FSF Europe!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20060708/6d271fed/signature.pgp

More information about the Gnupg-users mailing list