MIME or inline signature ?

Ludwig Hügelschäfer mlisten at hammernoch.net
Sun Feb 15 12:26:16 CET 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 14.02.15 23:05, Stephan Beck wrote:

> Well, it's rather a precautionary measure than an actual security
> measure, , reminding me of not trusting the key owner's ability to
> handle and verify signatures correctly, if he/she uses a signature
> no one has the chance to check because the information about the
> public key's location isn't indicated by its owner in his/her very
> message. I assigned the "I do not trust him" attribute to the first
> key he used in a previous message.

You seem to have misunderstood what ownertrust is good for. Trusting
an owner about placing his signatures is not about how she/he signs
messages.

It is about how carefully she/he checks identity and mail address
before signing other keys. You can only judge that if you have seen
her/him in real life doing that.

Ludwig

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJU4IJXAAoJEDrb+m0Aoeb+e8cP/i+xCIAxQKKl4ON05EARINzV
z/PdEZFXMheOXZXVS8icw/hTNlGJkc8wm8RJ3BrkFtMSecrQiA0jrC7SUQ69+wKE
xBGc9hAP+IH07bXyThRFp6mujLD/nyyzbF37VzTcced1kgvSDnCn6G5dokvC4kgu
QORDnsBf20qettMOjORss6UChxdSgJFfNPbYD0QLOoGjM6MYFOMyG8a1bDV+KUa5
jL4EUTn6Zqvh0pXcDigcXj/UThcozNDzez95ugYue59QGBdKe6LSeMOtmLkss9b9
V1lYxiv6gquHcfd/ygDFO5VNozgOeqI3OAFzIIeL8bYoK60a0guvmaUZjp3QPw6q
TYDW27rKCMWigllU1fC8brl5Jl3w/NDvNvWANxCh8EgEHXNCA/mWdrpRhp2/9LFE
vQsCdV3CowgZLXOJFXAOT4y05FJFfeAbQmqcoNQJNghhFyggFAjKUBwXKmA6Rzp1
DGoeYD1xe3pWqL+cQpBxOH7ORzAMrhEiqeOueQYGOwZcxnZ7IvydfN/BrYy3Z+tY
3VkFEnO/jU/X0/wmf8Gv+yV8mQLu2wm7ruLLzM9H46SyQBpBRGMQNC48mxLaFybL
Rwc30cjnCacfbyIM14byG6a/qSaIOwHw4536K5PdbAHThm1ICatAc1rM2OnFrlSy
PgdlXsrt4jpJ4qokILlI
=Ryh9
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list