preferring --check-sigs over --list-sigs [was: Re: Houston, we have a problem]
Andrew Gallagher
andrewg at andrewg.com
Thu Sep 28 15:43:54 CEST 2017
On 28/09/17 12:59, Stefan Claas wrote:
> When long time ago Facebook's pub key received it's vanity sigs i was
> upset and decided
> to no longer support traditional key servers and added this text to my key.
As I argued above, vanity signatures *shouldn't* be an issue - the
problem comes when client software blindly regurgitates vanity
signatures without any consideration of their usefulness.
But back to the point at hand. I wasn't referring to you putting
plaintext in your ID (lots of people do that), but because you split the
plaintext over multiple IDs it becomes scrambled because IDs don't have
an intrinsic order.
--
Andrew Gallagher
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 862 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170928/aec256db/attachment.sig>
More information about the Gnupg-users
mailing list