PGP signatures.

Anne Wilson cannewilson at googlemail.com
Tue May 27 19:53:35 UTC 2008


On Tuesday 27 May 2008 18:24:01 Patrick O'Callaghan wrote:
> On Tue, 2008-05-27 at 12:37 -0400, Kevin J. Cummings wrote:
> > Dennis Gilmore wrote:
> > > On Tuesday 27 May 2008, Mike Chambers wrote:
> > >> On Tue, 2008-05-27 at 10:43 -0500, Mikkel L. Ellertson wrote:
> > >>> I wish people sign their messages using PGP would make sure to
> > >>> upload their public key to one of the key servers. While it does not
> > >>> prove you are who you say you are, it would indicate that all the
> > >>> signed messages are from the same person. Without your public key,
> > >>> we have no way to check.
> > >>
> > >> Accoring to evo (Unless it's not pointing to a correct place), yours
> > >> isn't public neither :P
> > >>
> > >> gpg: armor header: Version: GnuPG v1.4.7 (GNU/Linux)
> > >> gpg: Signature made Tue 27 May 2008 10:43:15 AM CDT using DSA key ID
> > >> 6DC9C8C4
> > >> gpg: Can't check signature: public key not found
> > >
> > > kmail says it cant be found either
> >
> > Surprising.  Enigmail told me it was an "UNTRUSTED Good Signature from
> > Mikkel L. Ellertson"
>
> "Untrusted" just means you haven't decided to trust it. You probably
> need the gpg command line to do that (can't remember as I haven't used
> Enigmail in a while).
>
And it needs to be signed as a local trust, not uploadable, since you haven't 
verified that Mikkel isn't actually Yul Brynner :-)

man gpg explains all.

Anne
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20080527/74805f44/attachment-0001.bin 


More information about the users mailing list