[ale] Commentary about PGP / GPG key generation...
Jim Kinney
jim.kinney at gmail.com
Wed Nov 30 13:36:19 EST 2011
On Wed, Nov 30, 2011 at 1:24 PM, Jeremy T. Bouse <jeremy.bouse at undergrid.net
> wrote:
>
> I can't actually come up with any good argument why a key would not
> want to be submitted to a key server if it is a key used to communicate
> with others. Now I have other keys that I use for internal things, such
> as encrypting my duplicity backups, that are not submitted to a key
> server because they aren't used to communicate with others. That said if
> you want send an email to someone encrypted or even signed, as a
> recipient I'm gonna raise an eyebrow or two if the public key to
> validate it is sent as an attachment from the same person and not from a
> trusted third-party like a key server. Especially if that key has not
> been signed by myself or someone I trust.
>
>
so far from a "good argument" it's laughable, b u t .....
a certain gov group once required signed emails but also required the pub
keys NOT be published on a keyserver "for security reasons" but be
_emailed_ instead along with an attachment that was a scan of the sender
drivers license.
--
--
James P. Kinney III
As long as the general population is passive, apathetic, diverted to
consumerism or hatred of the vulnerable, then the powerful can do as they
please, and those who survive will be left to contemplate the outcome.
- *2011 Noam Chomsky
http://heretothereideas.blogspot.com/
*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20111130/828b731b/attachment.html
More information about the Ale
mailing list