was Re: PGP Key Poisoner // now "Binding one person's subkey to another person's primary key"
brian at minton.name
Wed Aug 14 20:30:31 CEST 2019
-----BEGIN PGP SIGNED MESSAGE-----
I've often wondered why the sks software didn't require
cross-certification. It seems like that would solve the key poisoning
issue. It would mean that when signing someone's key, you'd have to
have a way to exchange the signatures first, before submitting them to
the keyserver network. However, I think that most keysigning parties
do that anyway, not to mention software like caff.
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the Gnupg-users