Re: GPG and Signing

To: debian-user@lists.debian.org
Subject: Re: GPG and Signing
From: Kevin Mark <kevin.mark@verizon.net>
Date: Sun, 1 Apr 2007 20:56:01 -0400
Message-id: <[🔎] 20070402005601.GK5262@localhost>
Mail-followup-to: Kevin Mark <kevin.mark@verizon.net>, debian-user@lists.debian.org
In-reply-to: <[🔎] 002101c774c0$daa4e150$0201a8c0@wa9als>
References: <[🔎] 20070401134247.09de9e9e@abydos.stargate.org.uk> <[🔎] 20070401133519.GA6182@localhost> <[🔎] 20070401145951.464a5cd8@abydos.stargate.org.uk> <[🔎] 87fy7kf84c.fsf@toncho.dhh.gt.org> <[🔎] 20070401162934.6baa904c@abydos.stargate.org.uk> <[🔎] 460FD5B3.6030804@cox.net> <[🔎] 20070401233943.GA8331@localhost> <[🔎] 87zm5rd4bw.fsf@toncho.dhh.gt.org> <[🔎] 20070402003219.GB24096@localhost> <[🔎] 002101c774c0$daa4e150$0201a8c0@wa9als>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sun, Apr 01, 2007 at 08:50:02PM -0400, John Fleming wrote:
> On Sun, Apr 01, 2007 at 07:09:55PM -0500, John Hasler wrote:
> >Michael Pobega writes:
> >> Is it a bad practice to verify keyrings of people on the mailing list, 
> >> or
> >> is it better to wait until I meet up with some of them at say Debconf or
> >> something similar?
> >
> >Depends on what you mean by "verify".  There is nothing wrong with
> >downloading their public keys and using them to verify that all the
> >messages purporting to come from them are indeed signed with the same key
> >and so probably did come from the same person.  However, you should not
> >sign someone's key unless you have met them, interviewed them, and 
> >examined
> >and verified their credentials.
> >
> 
> What exactly is signing a key, and how does it work?
> 
> I'd Google it...but I wouldn't know where to start.
> ----------------------------------------------------------------
> 
> While we're still on this, why do most of your (Debian-users-who-sign) 
> emails show up in OE with the signature and the email text as attachments? 
> It seems whether I use GPG or a Thawte cert, they still don't show up as 
> attachments.  Are you doing something "special" to make them show up that 
> way, and I assume there's something desirable about doing it that way - 
> please tell me.  Makes it hostile to REPLY TO, at least with OE.  I suppose 
> the problem is with OE, but I'd still like to understand what's happening. 
> THANKS!  - John
There are 2 kinds of signatures: in-line and attachment. Most folks here
us attachment. I specify in-line, if the mailing list doesnt allow
attachments. IIRC there was one OE thing for handling digital
signatures, not that I've used OE in like 10 years...
- -- 
|  .''`.  == Debian GNU/Linux == |       my web site:           |
| : :' :      The  Universal     |mysite.verizon.net/kevin.mark/|
| `. `'      Operating System    | go to counter.li.org and     |
|   `-    http://www.debian.org/ |    be counted! #238656       |
|  my keyserver: subkeys.pgp.net |     my NPO: cfsg.org         |
|join the new debian-community.org to help Debian!              |
|_______  Unless I ask to be CCd, assume I am subscribed _______|
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGEFShv8UcC1qRZVMRAkx7AJ0UKtrnBRc9qa2d2TWgfIeHsrvr/wCgglzg
g8Bs+KBN4IuVbCDXYfpVwQs=
=vT6p
-----END PGP SIGNATURE-----

Reply to:

References:
- Re: GPG and Signing
  - From: Brad Rogers <brad@fineby.me.uk>
- Re: GPG and Signing
  - From: Michael Pobega <pobega@gmail.com>
- Re: GPG and Signing
  - From: Brad Rogers <brad@fineby.me.uk>
- Re: GPG and Signing
  - From: John Hasler <jhasler@debian.org>
- Re: GPG and Signing
  - From: Brad Rogers <brad@fineby.me.uk>
- Re: GPG and Signing
  - From: Ron Johnson <ron.l.johnson@cox.net>
- Re: GPG and Signing
  - From: Michael Pobega <pobega@gmail.com>
- Re: GPG and Signing
  - From: John Hasler <jhasler@debian.org>
- Re: GPG and Signing
  - From: Michael Pobega <pobega@gmail.com>
- Re: GPG and Signing
  - From: "John Fleming" <john@wa9als.com>

Prev by Date: Re: GPG and Signing
Next by Date: Re: OT: sponge burning!
Previous by thread: Re: GPG and Signing
Next by thread: Re: GPG and Signing
Index(es):
- Date
- Thread