[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Migrating to GPG - A mini-HOWTO



On Tue, Sep 14, 1999 at 11:55:39PM +0200, Martin Schulze wrote:
> Michael Stone wrote:
> > Not really. What if the pgp key is compromised? The original owner can
> > release a revocation certificate for the pgp key, but if someone creates
> > a new gpg key that you sign based on the (compromised) pgp key then
> > you've possibly validated a key that the original owner cannot revoke.
> > That would be bad.
> 
> So what do you propose?  Not using any digital signing at all?

How does that follow at all? Take a breath and calm down.

> What if you fake your passport and it's not Mike Stone but Joe
> Blair pretending to be you and I sign your key.  That would be bad.

Yes it would. What does that have to do with the scenario above?

Mike Stone

Attachment: pgpSEDtBfGs6s.pgp
Description: PGP signature


Reply to: