email verification as casual checking?

Steve Jones steve at
Thu Aug 28 00:58:04 CEST 2014

On Sat, 23 Aug 2014 12:56:11 +0200
Philip Jackson <philip.jackson at> wrote:

> - the email address belongs to a person who does control the key and
> he may or may not be the person named in the email address.  I am
> risking my secrets with an unknown person.  I had better take care of
> the nature of those secrets.  It looks like this is the case covered
> by your original post.

Presumably you have an email address of the person for some reason,
whether or not you want to send secrets to that address depends on
where you got it. What you want to know is: how do you send those
secrets securely? If the keyserver has certified the key with a
challenge response protocol you've got your answer.

Ideally you'd have an email address and a fingerprint, but often you

Steve Jones <steve at>
Key fingerprint: 3550 BFC8 D7BA 4286 0FBC  4272 2AC8 A680 7167 C896
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: </pipermail/attachments/20140827/b0631d56/attachment.sig>

More information about the Gnupg-users mailing list