Answer: Are SHA1 sums on gnupg.org checked regularly?
peter at digitalbrains.com
Fri Jul 26 20:26:27 CEST 2013
On 26/07/13 17:31, Jan wrote:
> I'm thinking of someone how uses windows and wants to install gnupg for the
> first time. How can he/she rely on OpenPGP?
By running a Linux Live CD to do the verification. How does he know the CD is
genuine? The thing is, somewhere the trust has to start. It's a bootstrapping
Also, how do you trust the OpenPGP signature is made by the correct key, etcetera.
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
More information about the Gnupg-users