gpg --recv-key option
Frank Tobin
ftobin@uiuc.edu
Fri, 24 Mar 2000 16:58:47 -0600 (CST)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Marius Strom, at 16:11 -0600 on Fri, 24 Mar 2000, wrote:
> Searching by {email,lastname,firstname,anything but the keyid} is very
> susceptible to security issues, IMHO. I think taking the extra step to
> getting the KeyID is a "good thing"(tm).
Please qualify this remark. Signatures on keys solves the issue of
downloading 'untrusted' keys.
Currently, there is a problem with some keyservers that assume that only
accept one of any short key ID, but this is an implementation issue, not a
trust one.
- --
Frank Tobin http://www.uiuc.edu/~ftobin/
"To learn what is good and what is to be valued,
those truths which cannot be shaken or changed." Myst: The Book of Atrus
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (FreeBSD)
Comment: pgpenvelope - http://pgpenvelope.sourceforge.net/
iEYEARECAAYFAjjb8zIACgkQVv/RCiYMT6OY6QCghubsd3uJMbhkcWxjKp/gEKY0
lqkAn3/H4v8zdzkwICr3CKOp04aLnNC4
=Bvw7
-----END PGP SIGNATURE-----