can someone verify the gnupg Fingerprint for pubkey?

Robert J. Hansen rjh at
Thu Jun 7 20:29:38 CEST 2012

On 6/7/12 2:10 PM, Sam Whited wrote:
> ...yes, it's hardly onerous, but it's still one extra step that does 
> nothing for more advanced users (except perhaps when they haven't
> had enough coffee early in the morning :) ).

Friend of mine, a former law-enforcement officer, is a big believer in
checklists ever since he went into a violent drug raid and discovered
afterwards they'd forgotten to (a) let the ambulance service know they
were about to serve a high-risk warrant, (b) put on his body armor and
(c) chamber a round in his Glock.  After that he wrote down a checklist
on the back of his business card: "Warrant, Correct Address, Backup,
Comms, Ambulance Standby, Weapon, Armor."  Rest of his career he never
went through the door without first breaking out that checklist and
confirming that each and every category had been ticked off.

The moral of the story is that if it's important something always be
done, then it's important enough to add to a routine checklist.
Otherwise, you're sooner or later going to wind up like my friend:
shaking like a leaf and having nightmares for months about how things
could have gone much, much worse.

If people want to implement this feature as "--expert
--disable-sign-sanity-check", okay, then ... fine, I guess, --expert is
quite literally a "don't you dare second guess me just do what I say,
damn it!" flag.  But there's a very good reason why I don't use --expert
and why I've never met anyone whom I think *should* use it.

> It's the equivalent of the "remember my selection" button that should
> be on any dialog that's not performing something mission-critical.

Sanity-checking validation checks *is* mission-critical.  IMO, at least.

More information about the Gnupg-users mailing list