[prev in list] [next in list] [prev in thread] [next in thread]
List: kdepim-users
Subject: Re: [kdepim-users] Boyan Tabakov turned Green ! (PGP KGpg topic)
From: Jean-Philippe Monteiro <joaophilippe.mb.monteiro () gmail ! com>
Date: 2007-01-19 10:30:04
Message-ID: 200701191730.15101.joaophilippe.mb.monteiro () gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
May I call all this Geeky?
Thanks for you both on these answers. I assume that even a yellowish key is a
proof of non-netbot activity, which is a first, good point.
I was kinda aware of the mess I could induce by sending an encrypted message
both to Boyan - of which I can "sign for" & the List, of which I cannot.
Now for the very gentle & mild flaming, OK: I know I should not "trust" you!
That's for testing purpose, and I was glad that Anne "turned Green" on my
screen, settings to Fully Trust. Later on, I tried giving Boyan a "Marginal"
trust, hoping that maybe a new shade of, what, orange maybe, would appear,
(testing/learning, Boyan, nothing personal!) but the guy is plain green as
well! :) Tried the same with Ingo, Green, same, messages displays "fully
trusted". I bet Colour of Trust here relates to Key validity from their full
web of trust.
One more on the Colour Scheme Topic: I did not set the "encrypt to self" so
indeed, my own message was not readable & turned Blue.
So much for the color scheme.
Working in Cambodia for a School of Circus means NO GEEKS AROUND ...err, I
mean: nobody else to my knowledge uses this feature, and for the very few
knowledge I got, I am still their best ressource in IT (How fast I forget
about Windows is frightening, though).
So much for the Web of Trust.
That was an interesting learning process, paranoia-wise. Remember I only
Point'N'Click, no terminal jobs for me, so yes, it's a can-do for the dumb
user.
Sure, I'll put this into practice as soon as I need it. And as soon as I learn
how to set it up under Gnome (failed already) & Windows (not a clue)...
I think I'll end up here - I'll only send another message to you Boyan,
encrypted & signed to see if I can decrypt it this time.
Cheers people. @ the moment, I don't feel like revoking your keys...
Jean-Philippe.
--
SuSE93 Linux Kernell 2.6.11.4-21.14 KDE 3.4.0 Kontact 1.1 Kmail 1.8
PHNOM PENH - CAMBODIA
--
-for reference, didn't feel like breaking apart into this:--
On Friday 19 January 2007 16:52, Anne Wilson wrote:
> On Friday 19 January 2007 08:46, Boyan Tabakov wrote:
> > Below is the original message from Jean-Philippe, as well as my answer.
> > The message was encrypted for me, but seems as a post to everyone...
>
> It's worth pointing out that if you post to the author and to the list, the
> ecryption/signing goes to both. If you really want to encrypt the message
> to the author, the way around this is to send the message once to the
> person who requires encryption, then Message > Send Again, changing the To
> line for the list address.
>
> > > for testing purposes, I have signed/acknowledged Anne Wilson, Boyan
> > > Tabakov & Ingo Klocker - out of intuition these people should be what
> > > they are, and not as recommended through some Accurate Verification
> > > Process - Hence, Anne & Ingo "turned Green" on my screen as well!
> >
> > Thanks for the trust, but that is not a good practice.
>
> Agreed. However, there is one not-so-small problem here. Unless there has
> been a recent change, it is impossible to send encrypted messages to
> someone who is not marked as trusted. I'm not sure whether this 'trust'
> marking is what Jean-Philippe meant when he said 'signed/acknowledged'.
>
> > > The killall question: what's the use for me to have a key, if I am not
> > > part of a "web of trust"?
> >
> > Not much use, if any at all.
>
> One reason I started using it is that some spam/virus emails substitute
> addresses from an addressbook instead of the real sender. I had complaints
> that I had sent a virus and had to explain how to look at headers and
> identify the sender's IP and compare it with one known to be mine. This
> doesn't go down well with most computer users. Signing it was one way of
> giving them quick identification. I do, however, get some complaints that
> I send 'attachments' in messages, and the recipients system doesn't allow
> them to view the attachment. I've just got used to explaining that
> the 'attachment' is my signature, and if they wish to ignore it, they can.
>
> > Find someone, a friend, colegue, etc, who's
> > using PGP and ask him/her to sign your key. Then everything starts
> > working: the friend of my friend is my friend...
>
> Not as easy as it should be. I tried to get a 'signing party' organised at
> my local LUG, but no-one was interested. It's worth reminding, too, that
> you are supposed to take some incontrovertible proof of identity, such as a
> passport, when requesting signing.
>
> Just a few thoughts to add to what Boyan has already said :-)
>
> Anne
[Attachment #5 (application/pgp-signature)]
_______________________________________________
KDE PIM users mailing list
kdepim-users@kde.org
https://mail.kde.org/mailman/listinfo/kdepim-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic