how to configure default sign key for particular user?

Scott Mcdermott scott at smemsh.net
Mon May 9 21:08:49 CEST 2016


MFPA on 2016/05/09 +0100 @01:44:19:
> > (aside: the default key selected for a userid should
> > probably be the later key anyways, I would think, under the
> > assumption that one always want to use the newer key, not
> > the oldest one.)
> 
> That would enable a "denial of service" attack: I publish a
> key containing your email address in a UID, people encrypt to
> my newer key instead of your older key.

I'm talking about signing, not encrypting, which uses my own
secret key, not a published key.

-- 
Scott



More information about the Gnupg-users mailing list