can someone verify the gnupg Fingerprint for pubkey?

david at gbenet.com david at gbenet.com
Thu Jun 7 17:18:33 CEST 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/06/12 14:17, Peter Lebbing wrote:
> On 07/06/12 06:23, david at gbenet.com wrote:
>> Clearly you failed to follow my link and clearly you failed to check the
>> public key for gnupg. Now being a little confused try and get a clear
>> question in your mind - is it Verner's key that you have such a passion to
>> verify or gnupg?
> 
> I'm sorry, but I'm tech savvy and have some knowledge of OpenPGP and stuff and
> I'm quite confused about what you are trying to say in this mail.
> 
> I'm also a bit worried that your mail can be read as quite brusque for no good
> reason. Perhaps it comes across diferently than you meant.
> 
> Peter. 
> 
Peter,

To put matters simply, (1) Verner's key is not the same as gnupg's key (2) You can confirm
the validity of Verner's key by meeting him (3) you can confirm that gnupg is running on
your computer gpg/2 --version..

The subject of your e-mail is: can someone verify the gnupg Fingerprint for pubkey?

I gave  you a direct link to import gnupg's public key - but pointed out to you that the
"normal" procedure for verification would not work i.e all your public keys are by default
untrustworthy and that the only way to verify a public key is owned by a person is to  meet
that person.

You have no way to verify that the public key belonging to gnupg is valid - but it does
exist on your computer. It's entirely up to you whether you trust it or not. It's a question
of reality.

Verner's key and gnupg's key are two separate keys - you can not confuse the two. Verner's
already explained this to you in some detail.

To conclude - the only key you can trust ultimately is your own. When  you have met some one
and confirmed their ID as indicated you can set a level of trust to "fully." It does not
matter how many people have signed a public key belonging to someone - they are all
untrustedworthy - until that is you meet that person in reality.

As to the question: can someone verify the gnupg Fingerprint for pubkey? The answer is no.
Why? It is not a person but a bit of software.

I am usually quite good natured :)

David


- -- 
“See the sanity of the man! No gods, no angels, no demons, no body. Nothing of the
kind.Stern, sane,every brain-cell perfect and complete even at the moment of death. No
delusion.” https://linuxcounter.net/user/512854.html - http://gbenet.com/blog
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJP0MZJAAoJEOJpqm7flRExmHEIAIJhfJF5/H62o2Plrj54/jMi
hUb7pyp9e+X1LLazT7R80PEsA03z8xU7N0yOqfp70HmE5y6+RrNYc0hyyCPnaYXB
1sLShpb9bA0DxUknP51QHeWDxp19noDEwCWDUC6xkrQYgj8L8lPkOTAynbm2Wd+f
DGQAyxiFd7b5Pglyd+lxAwvcGHKosyfePofI5JJuj+bABmS+RNGzGUiX4ssVl+Ft
63bfDJd+Ow6ew1U0m+e265KcugRe6mlAdCTdRgGTyGBuKL+tbV0yiyc9x7FlpHsz
gBjC6b8EmTWJeAk3C9YMtvsonPnkJ2/i2SggYU4WrprEJlexWlD+O1oUJBxA4n8=
=Fla8
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list