--===============0942528323== Content-Type: multipart/signed; boundary="nextPart2483324.oMTPrJEZHz"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit --nextPart2483324.oMTPrJEZHz Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline May I call all this Geeky? Thanks for you both on these answers. I assume that even a yellowish key is= a=20 proof of non-netbot activity, which is a first, good point. I was kinda aware of the mess I could induce by sending an encrypted messag= e=20 both to Boyan - of which I can "sign for" & the List, of which I cannot. Now for the very gentle & mild flaming, OK: I know I should not "trust" you= !=20 That's for testing purpose, and I was glad that Anne "turned Green" on my=20 screen, settings to Fully Trust. Later on, I tried giving Boyan a "Marginal= "=20 trust, hoping that maybe a new shade of, what, orange maybe, would appear,= =20 (testing/learning, Boyan, nothing personal!) but the guy is plain green as= =20 well! :) Tried the same with Ingo, Green, same, messages displays "fully=20 trusted". I bet Colour of Trust here relates to Key validity from their ful= l=20 web of trust. One more on the Colour Scheme Topic: I did not set the "encrypt to self" so= =20 indeed, my own message was not readable & turned Blue. So much for the color scheme. Working in Cambodia for a School of Circus means NO GEEKS AROUND ...err, I= =20 mean: nobody else to my knowledge uses this feature, and for the very few=20 knowledge I got, I am still their best ressource in IT (How fast I forget=20 about Windows is frightening, though). So much for the Web of Trust. That was an interesting learning process, paranoia-wise. Remember I only=20 Point'N'Click, no terminal jobs for me, so yes, it's a can-do for the dumb= =20 user. Sure, I'll put this into practice as soon as I need it. And as soon as I le= arn=20 how to set it up under Gnome (failed already) & Windows (not a clue)... I think I'll end up here - I'll only send another message to you Boyan,=20 encrypted & signed to see if I can decrypt it this time. Cheers people. @ the moment, I don't feel like revoking your keys... Jean-Philippe. =2D-=20 SuSE93 Linux Kernell 2.6.11.4-21.14 KDE 3.4.0 Kontact 1.1 Kmail 1.8 PHNOM PENH - CAMBODIA =2D- =2Dfor reference, didn't feel like breaking apart into this:-- On Friday 19 January 2007 16:52, Anne Wilson wrote: > On Friday 19 January 2007 08:46, Boyan Tabakov wrote: > > Below is the original message from Jean-Philippe, as well as my answer. > > The message was encrypted for me, but seems as a post to everyone... > > It's worth pointing out that if you post to the author and to the list, t= he > ecryption/signing goes to both. If you really want to encrypt the message > to the author, the way around this is to send the message once to the > person who requires encryption, then Message > Send Again, changing the To > line for the list address. > > > > for testing purposes, I have signed/acknowledged Anne Wilson, Boyan > > > Tabakov & Ingo Klocker - out of intuition these people should be what > > > they are, and not as recommended through some Accurate Verification > > > Process - Hence, Anne & Ingo "turned Green" on my screen as well! > > > > Thanks for the trust, but that is not a good practice. > > Agreed. However, there is one not-so-small problem here. Unless there h= as > been a recent change, it is impossible to send encrypted messages to > someone who is not marked as trusted. I'm not sure whether this 'trust' > marking is what Jean-Philippe meant when he said 'signed/acknowledged'. > > > > The killall question: what's the use for me to have a key, if I am not > > > part of a "web of trust"? > > > > Not much use, if any at all. > > One reason I started using it is that some spam/virus emails substitute > addresses from an addressbook instead of the real sender. I had complain= ts > that I had sent a virus and had to explain how to look at headers and > identify the sender's IP and compare it with one known to be mine. This > doesn't go down well with most computer users. Signing it was one way of > giving them quick identification. I do, however, get some complaints that > I send 'attachments' in messages, and the recipients system doesn't allow > them to view the attachment. I've just got used to explaining that > the 'attachment' is my signature, and if they wish to ignore it, they can. > > > Find someone, a friend, colegue, etc, who's > > using PGP and ask him/her to sign your key. Then everything starts > > working: the friend of my friend is my friend... > > Not as easy as it should be. I tried to get a 'signing party' organised = at > my local LUG, but no-one was interested. It's worth reminding, too, that > you are supposed to take some incontrovertible proof of identity, such as= a > passport, when requesting signing. > > Just a few thoughts to add to what Boyan has already said :-) > > Anne --nextPart2483324.oMTPrJEZHz Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) iD8DBQBFsJ235MaRoSJJO+IRAoiTAJ938KvgLADNodOJa1zTT7SSeECrmgCgg8Bc StgdCb4WLk4werLbEVgHvpU= =gwLB -----END PGP SIGNATURE----- --nextPart2483324.oMTPrJEZHz-- --===============0942528323== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ KDE PIM users mailing list kdepim-users@kde.org https://mail.kde.org/mailman/listinfo/kdepim-users --===============0942528323==--