trust your corporation for keyowner identification?

MFPA expires2013 at ymail.com
Wed Nov 6 01:47:23 CET 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi


On Tuesday 5 November 2013 at 11:03:19 PM, in
<mid:52797937.5090404 at gmail.com>, Paul R. Ramer wrote:

> But if you sign it with an exportable
> signature, you are saying to others that you have
> verified the key.

In the absence of a published keysigning policy, isn't that an
assumption?





> Collusion is the only way that I know of,

I guess coercion would fit, as well.


- --
Best regards

MFPA                    mailto:expires2013 at ymail.com

The greatest of faults is to be conscious of none.
-----BEGIN PGP SIGNATURE-----

iPQEAQEKAF4FAlJ5kaRXFIAAAAAALgAgaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl
bnBncC5maWZ0aGhvcnNlbWFuLm5ldEJBMjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0
N0VDQTAzAAoJEKipC46tDG5pyMMD/37UAP0abP2L6tVKQPbH/ie77fo79Pg4OKop
jKwDuzBGFrdxKhgV1Y4+Q6h4u8N/xyahtp6yqBjlEj74K+8UBSEtvc8qbNw4g2BU
hk3meLpwJw9N92fLJxOvoUQamuotLBOt8ebbKMy3PZgh1jKPponrc54YfoHQ0zI+
tlo6P27m
=SN+2
-----END PGP SIGNATURE-----




More information about the Gnupg-users mailing list