Bug#254692: On keysigning page, give better advice
Package: www.debian.org
Severity: normal
On the keysigning page
http://www.debian.org/events/keysigning
you should mention that participants should verify that the key ID
and key size of the key that they sign both correspond to those that
appear on the slip of paper that was received. (I.e., a comparison
of the fingerprint is not enough.) Furthermore, only user IDs that
appear on the slip of paper should be signed, and only user IDs that
have been signed by their owner should be signed.
See, e.g.,
http://www.uk.pgp.net/pgpnet/pgp-faq/pgp-faq-keys.html#key-public-key-forgery
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (900, 'unstable'), (700, 'testing'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.6
Locale: LANG=en_IE@euro, LC_CTYPE=en_IE@euro
Reply to: