Non email addresses in UID
Leo Gaspard
ekleog at gmail.com
Tue Jan 28 20:13:30 CET 2014
On Fri, Jan 24, 2014 at 11:08:16PM +0000, Steve Jones wrote:
> [...]
>
> Finally there's the possibility of explicit verification, if someone
> sends me a challenge and I publish that challenge's signature on my
> blog then that verifies that I am in control of that private key and
> can publish to that blog.
>
> [...]
Wouldn't it be better to publish unencrypted (and unsigned) a challenge received
encrypted? As signing unknown data should be avoided, as noone knows whether
this data won't ever have a real meaning one does not intend to mean.
Hope this message is not syntactically flawed to the point of being meaningless,
Leo
More information about the Gnupg-users
mailing list