Re: RFC: gnupg
Zed Pobre <zed@moebius.interdestination.net> writes:
> >3) You will use your existing PGP key to sign your gpg key
> > initially - I see no scope there for exploits, could you
> > clarify?
>
> You can't use an existing PGP key to sign a GPG key, not in the
> usual fashion anyway. I suppose I could uuencode the GPG key output
> and sign THAT with my PGP key.
*sigh*. Are you trolling?
gpg --armor --output mykey.asc --export "Joe Bloggs"
pgp -fast < mykey.asc > mykey.asc.pgp
Send the resulting mykey.asc.pgp in an email. This is exactly what
everyone has done so far, even before I asked them to. Obviously
wasn't that hard for people other than you to figure out.
Again, how the hell is this exploitable? And do you think I would
seriously accept random GNUPG keys from current maintainers without
them being PGP signed? That's _very_ insulting. Maybe you are
trolling.
--
James
~Yawn And Walk North~ http://yawn.nocrew.org/
--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: