Question for app developers, like Enigmail etc. - Identicons
Andrew Gallagher
andrewg at andrewg.com
Wed Jun 7 08:50:28 CEST 2017
> On 7 Jun 2017, at 06:55, Stefan Claas <stefan.claas at posteo.de> wrote:
>
> The procedure went like this: I inserted my id-card in a certified
> card reader, which i purchased, startet the german certified id-card
> software "AusweisApp2" to connect to the CA Server and the server
> checked my id-card online and after verification send the signed
> pub-key to my email address. Can this procedure be faked by
> criminals etc.? I doubt it.
Everything *can* be faked, given enough time, effort and/or money. The correct question is *would* criminals etc go to the necessary lengths to fake this procedure, and the answer (as always) is: it depends on what it's worth to them. :-)
A
More information about the Gnupg-users
mailing list