Copy Current GPG Installation to Another Server
Peter Lebbing
peter at digitalbrains.com
Tue Mar 17 22:15:15 CET 2015
On 17/03/15 22:09, Clark Rivard wrote:
> I used the "sha1sum" option and got the expected result - does this verify the integrity adequately?
It's just as good as verifying the signature of a key with short ID 4F25E3B6. As
you can soon see elsewhere in this thread, I don't think it practically adds
anything. Proper verification of the key requires not relying on the short key
ID, or even the long one for that matter. It means you check the fingerprint of
the key, which is much longer.
HTH,
Peter.
--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
More information about the Gnupg-users
mailing list