[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Big problem - GnuPG key deleted

Hi, Filip Van Raemdonck wrote:

> I know I wouldn't remember everyone's face I have met for keysigning in
> the past, or if I remembered the face I wouln't always be sure (s)he was
> claiming to be the same person back then as (s)he is claiming to be now.
> I equally wouldn't trust anyone else to do so.

For practical purposes, I'd verify that the person who asks me to revoke
the signature on the old key is reachable at one of the email addresses I
initially verified (yes, I keep all those mails). I'll have to do that
anyway since presumably they'll want me to sign their new key while we are
at it.

Besides, as Anthony wrote, the standard for revocations should be way
lower. That's hardly news, the same thing happens (or rather, doesn't)
when you phone your bank after your credit card gets stolen.

BTW: You can also sign ID pictures; the only problem is that the key
servers don't seem to propagate them, so if you want to do that you'll
have to do it manually.  :-/

Matthias Urlichs   |   {M:U} IT Design @ m-u-it.de   |  smurf@smurf.noris.de
Disclaimer: The quote was selected randomly. Really. | http://smurf.noris.de
VAXIMA - The height of ecstasy reached while computing on the VAX.
Also (archaic): Mother of VAX.

Reply to: