Questions about OpenPGP best practices

Peter Lebbing peter at
Tue Feb 26 12:23:42 CET 2013

On 26/02/13 11:56, Werner Koch wrote:
> Thus, it won't harm you to add such a kind of Salvation Army CA.

Okay, you made me laugh out loud, thanks :).

It probably won't hurt to add the sks-keyservers CA, although I don't know how
well they guard their private key. Probably fairly well, these are crypto guys.
But there's the principle of the thing, you know? :) The CA is pretty powerful,
and only useful for keyservers. There's no advantage to installing it
system-wide versus putting it in your gpg.conf, I think. So why do it?


I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <>

More information about the Gnupg-users mailing list