Several questions as feedback on gnupg

Loic Bernable leto@vilya.org
Wed Jan 23 19:56:01 2002


--E7i4zwmWs5DOuDSH
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Selon Mark Brown :=20
> When validating the user ID you should validate the whole of the user
> ID, including the e-mail address portion.  Methods like showing that=20
> encrypted mail to the e-mail address in the UID can be read could be
> used.

So your advice should be to send an encrypted email to the person who
gave you his/her key, wait for his/her approval by email and *only* then
sign his/her key, right ?

The things get complicated :o)

--=20
### Lo=EFc Bernable aka Leto -- leto@vilya.org -- Parinux, April, LinuxFR #=
##
Election fault - Gore dump

--E7i4zwmWs5DOuDSH
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8TwawX1807qC7PesRAqnxAJ94152dFsPQNw/vP4BEqQZ8RjMHnwCdHMmU
Qc45a9nc2G0Vc8MQypXe/5E=
=USrf
-----END PGP SIGNATURE-----

--E7i4zwmWs5DOuDSH--