howto secure older keys after the recent attacks

Philippe Cerfon philcerf at
Thu Sep 10 23:44:29 CEST 2009

On Thu, Sep 10, 2009 at 10:21 PM, Robert J. Hansen <rjh at> wrote:
> I understood him to mean the "key ID" as the fingerprint of the
> certificate's primary signing key, rather than checking each bit of the
> certificate's primary signing key individually.

I meant the fingerprint, yes.
But now that you say it. Would it be "better" to not just check other
keys via their fingerprint, but to really copy them (e.g. per
USB-stick) from their owners and sign only such direct copies?


More information about the Gnupg-users mailing list