On 01/07/09 19:03, Larry Cafiero wrote:
On Wed, Jul 1, 2009 at 10:43 AM, inode0 <inode0@xxxxxxxxx <mailto:inode0@xxxxxxxxx>> wrote: You cannot validate an imported key without having access to the full fingerprint. You should always validate the key's fingerprint with the key's owner before signing it. You can call the person or use some other means, it is convenient for people if it is just on the card. So let me make sure I'm following this (while exposing what a noob I am in this regard): I would validate an imported key from you by checking what's on my screen against the full fingerprint on your business card. Is that the rationale and benefit of having the full fingerprint on the card?
You should only validate, if also you have seen picture ID. Frank -- Fedora-marketing-list mailing list Fedora-marketing-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-marketing-list
