was Re: PGP Key Poisoner // now "Binding one person's subkey to another person's primary key"
Brian Minton
brian at minton.name
Wed Aug 14 20:30:31 CEST 2019
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
I've often wondered why the sks software didn't require
cross-certification. It seems like that would solve the key poisoning
issue. It would mean that when signing someone's key, you'd have to
have a way to exchange the signatures first, before submitting them to
the keyserver network. However, I think that most keysigning parties
do that anyway, not to mention software like caff.
-----BEGIN PGP SIGNATURE-----
iHUEARYIAB0WIQTu0BWAE9wubW4AHqQ3uVB6z/IBbgUCXVRTFwAKCRA3uVB6z/IB
bqAKAQC4mzwJSUj52Wls65QJqOdZNFvEx8yozIeCDtb/+XWdtAD7BALPm3Z9/5oI
ZAjPE5b9EX1sddZpdj2+DuvbKZKoDQeIdQQBEQgAHRYhBPnEu3YOeD8N7BCmimuO
s6Blz7qpBQJdVFMvAAoJEGuOs6Blz7qpCMgA/35Ni8l2Cb/EdHP3AhmkbHJAVGHo
7AeDnRHGcgre6M1CAPwO8IoTd8l69z2Rn0YzXwakHfNQlp9+OPg6U+mUj9eImw==
=v1zo
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list