Proposal of OpenPGP Email Validation
2014-667rhzu3dc-lists-groups at riseup.net
Thu Jul 30 12:23:20 CEST 2015
-----BEGIN PGP SIGNED MESSAGE-----
On Thursday 30 July 2015 at 9:27:37 AM, in
<mid:55B9DFF9.6080507 at gmail.com>, Viktor Dick wrote:
> On 2015-07-30 10:17, Ingo Klöcker wrote:
>> I'm sorry to tell you that you have fallen into the trap. There is only one
>> genuine pgpCA at ct.heise.de key the fingerprint of which is printed in each
>> issue of the c't magazine. The other one is a fake. And the fact that the fake
>> key with the author's email address is signed by different keys only means
>> that a lot of people have signed this fake key without following the proper
>> procedure of key validation (or that the trolls created even more fake keys to
>> sign the author's fake key to make it look more credible).
> Not according to
> where three different keys are listed (two DSS and one
I concur that the keys 38EA4970 and E1374764 both look likely to be
genuine. One has signatures from B3B2A12C, the other from DAFFB000.
The link above lists as "ct magazine CERTIFICATE <pgpCA at ct.heise.de>"
keys B3B2A12C and DAFFB000, as well as a third key BB1D9F6D.
As for the other non-revoked keys I found by searching for "schmidt
juergen heise de":-
all four are signed by a "ct magazine CERTIFICATE
<pgpCA at ct.heise.de>" key F6ADD6C2 that is not listed on the
all four are also signed by a "ct magazine CERTIFICATE <ct
magazine CERTIFICATE>" key FB4DFDC6.
one of the four has a UID claiming itself to be another "ct
magazine CERTIFICATE <pgpCA at ct.heise.de>" as well as being
Juergen Schmidt's key.
Also all four have the same creation date.
I guess anybody being fooled didn't look at the page linked above, or
they would have used key 2C26A309 "ct magazine pgpCA CommunicationKey
2015 <pgpCA at ct.heise.de>" when contacting the magazine. (-;
MFPA <mailto:2014-667rhzu3dc-lists-groups at riseup.net>
This message represents the official view of the voices in my head.
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the Gnupg-users