Using the OTR plugin with Pidgin for verifying GPG public key fingerprints

erythrocyte firasmr786 at
Fri Mar 12 23:08:10 CET 2010

On 3/12/2010 5:33 PM, Robert J. Hansen wrote:
> The question isn't whether you can.  The question is whether it's wise.  The principle of using one credential to authorize the use of another credential is about as old as the hills.  The ways to exploit this are about as old as the hills, too. 

That actually got me thinking. Aren't keysigning parties based on that
model anyway?

You have an existing credential - a passport.
You then use that credential to verify another - a PGP key.


More information about the Gnupg-users mailing list