FAQ: seeking consensus

Steffen Nurpmeso steffen at sdaoden.eu
Mon Oct 21 18:55:17 CEST 2019


Steffen Nurpmeso wrote in <20191021160908.4_HGk%steffen at sdaoden.eu>:
 |Vincent Breitmoser wrote in <2UJQOP6NMJE80.2FS52GC36TCEU at my.amazin.horse>:
 ||> Especially if the key is shipped alongside the message already
 ||
 ||Are you sure that it is though? Seems to me you're giving out ill-informed
 ||advice here.
 |
 |Bad advice of mine yes, PGP does not do it the way S/MIME does it.
 ...
 |But you could send a signed message with the public key attached
 |(as application/pgp-keys even?) to the person you want to
 |henceforth communicate encrypted and/or signed.  You need some
 |kind of web of trust to make this fly, however.  But it would
 |make it clear that you have the private counterpart.

Ok, that "clear" is only true if you then just send an encrypted
messae right afterwards.  But that should be it, or am i confused?
I would say that is not an effort too much to gain safe
communication when it is desired.  And then there are other ways
of fetching keys, as long as there are keyservers which one can
use.

Thanks for the sks pool is due at that time.

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)



More information about the Gnupg-users mailing list