Re: gnupg signing

To: <debian-mentors@lists.debian.org>
Cc: "Stefan Alfredsson" <stefan@alfredsson.org>, <fsblk@aurora.uaf.edu>
Subject: Re: gnupg signing
From: "Robert McQueen" <robert.mcqueen@hands.com>
Date: Mon, 31 Jul 2000 14:49:30 +0100
Message-id: <[🔎] 007901bffaf6$26a7e760$0200000a@mcnet>
References: <[🔎] Pine.OSF.4.21.0007271018550.1421-100000@aurora.uaf.edu> <[🔎] 20000731103035.A22117@sa-pc.cs.kau.se>

As I understood it from the NM pages, you have to sign the files (ie
gpg --sign --armor id.jpg) because it says it is unacceptable just to sign
the message. You would then only have to sign the message and not worry
about the files, which you could attatch self-signed (it'd be id.jpg.gpg)
and can be extracted with just gpg id.jpg.gpg. I'm not sure this is what the
page intends, but it seems logical.

Rob

----- Original Message -----
From: "Stefan Alfredsson" <stefan@alfredsson.org>
To: "Britton" <fsblk@aurora.uaf.edu>
Cc: <debian-mentors@lists.debian.org>
Sent: Monday, July 31, 2000 9:30 AM
Subject: Re: gnupg signing


> This might be somewhat inconvenient, but how about including MD5 sums
> of the attachments in the body of the message, which is then signed?
> (i.e. md5sums *.jpg  + cutnpaste)
>
> But since you will do a lot of signing in the future, I'd suggest
> using a mailer that handles gpg, as the others have suggested :)
>
> Quoting Britton <fsblk@aurora.uaf.edu>:
> >
> > see any gpg options to mh, and if I include my scanned identification as
> > an attachment, then it will not count as input to the hash of the
message.
>
> Regards,
>  Stefan

Reply to:

References:
- gnupg signing
  - From: Britton <fsblk@aurora.uaf.edu>
- Re: gnupg signing
  - From: Stefan Alfredsson <stefan@alfredsson.org>

Prev by Date: Re: gnupg signing
Next by Date: (un-)subscribing on debian mailing lists
Previous by thread: Re: gnupg signing
Next by thread: Re: gnupg signing
Index(es):
- Date
- Thread