mailto with pgp fingerprint

Sam Gleske sam.mxracer at
Thu Jul 24 02:14:18 CEST 2014

I'm hoping will hopefully resolve the issue of identity checking
with key fingerprints.

For example, my keybase account is...

My friends who regularly interact with me on github (and more rarely
twitter) as well as the domain(s) I own will help to give my recipients the
benefit of the doubt that my key is what I say it is when they only see it
in an email.

On Tue, Jul 22, 2014 at 10:27 AM, Werner Koch <wk at> wrote:

> On Tue, 22 Jul 2014 09:40, enigmail at said:
> > More and more we seem to have the problem of faked keys in the key
> > servers. This especially applies to "well known" keys such as
> > authors of magazines and famous tools.
> This is actually the problem of checking the validity of the key.
> Granted, gpg is not smart enough to figure out the best matching key but
> that is something which can be fixed.
> A more simple way of tackling this is to use PKA or DANE for key
> validation: For sending mail you already need DNS and thus it would be
> easy to retrieve the matching key from the DNS.  The drawback is that
> this must be configured by the key owner and can't be changed by the
> sender.
> Shalom-Salam,
>    Werner
> --
> Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at

8D8B F0E2 42D8 A068 572E
BF3C E8F7 3234 7257 E65F
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20140723/f053abff/attachment.html>

More information about the Gnupg-users mailing list