Signing a key (meaning)
Charly Avital
shavital at mac.com
Fri Apr 8 06:10:03 CEST 2011
Faramir wrote the following on 4/7/11 8:29 PM:
> Oh, well, encryption faeries soon or latter will upload your keys to
> keyservers. And you can't prevent people from signing it, specially the
> newbies reading support lists.
I can't prevent it, but I may naively expect people to respect conventions.
And as you write further in your remarks, there is such a thing as a
local (non-exportable) signature.
>> I didn't invite this person to sign my key.
>
> Yes, but the default setting of GnuPG is not encrypt to untrusted
> keys, so the first thing a newbie might do is to sign the keys of people
> providing support in the list. After all, "trust all" doesn't sound any
> good.
"Trust all keys" is expedient and "not good".
Again: local signature.
> But local signatures is something we don't learn on the first day.
Eventually, one learns.
> your new key might be uploaded, if one day one of your correspondents drink decaffeinated
> coffee by mistake.
One must accept to live dangerously :-)
Thank you for remarks.
Charly
More information about the Gnupg-users
mailing list