--- Michael Schwendt <rh0210ms@arcor.de> wrote: > Unfortunately, there are both address harvesters and > virus-infected > users reading these lists. The most recent incident > where a > virus-infected message was mass-mailed with the name > of Chris > Kloiber made me reconsider. I'm signing my messages > with GPG > signatures by default again. Especially since I have > planned to > switch public mail addresses more frequently when > spam requires > it. It's a sad world when we have to resort to these methods. > Since Michael is not including his public > > key in the email -- > > That would be a NO, NO! If I included my public key > with each > message, would you notice if anyone replaced the key > and signed the > message with the replaced key? Well, technically speaking, you should download his public key and keep it on your keyring, which should really be stored on read only media if you want to be really secure. This would also speed up any transactions that require his public key to verify his authenticity. But then you would have to update the read only media frequently if he changes his key often. > However, it can also be the source of nasty delays. > And not every > key is on the keyservers. Hence my recommendation for downloading the key to the local keyring. HTH a bit more ===== Kevin C. McConnell --RHCE-- <Red Hat Certified Engineer> __________________________________________________ Do you Yahoo!? Faith Hill - Exclusive Performances, Videos & More http://faith.yahoo.com
