explain nrsign & lsign?
John W. Moore III
jmoore3rd at bellsouth.net
Sun Jan 28 20:49:47 CET 2007
-----BEGIN PGP SIGNED MESSAGE-----
> that said, is there any reason NOT to (or, any advantage to ...):
> *l*sign "B" with "A", and, therefore, NOT distribute "A" to the
> keyservers &/or via export -- and, instead, reference the "A"
> trust-ing-pubkey @ a web page?
There is somewhat constant debate over the best method. Many believe
that Email addresses are 'harvested' from the Servers by bots intent on
increasing the Spammers database. Many others argue that they haven't
been affected by /increased/ Spam and not publishing to the Servers
negates the ability to Verify a Sig from a Key not currently existing on
the recipients Keyring. When the Key is on the Servers the 'automatic'
Key Retrieval options in GnuPG & PGP handle this situation quite nicely.
I use both methods.
Timestamp: Sunday 28 Jan 2007, 14:49 --500 (Eastern Standard Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7-svn4405: (MingW32)
Comment: Public Key at: http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust: http://www.gswot.org
Comment: My Homepage: http://tinyurl.com/yzhbhx
-----END PGP SIGNATURE-----
More information about the Gnupg-users