[prev in list] [next in list] [prev in thread] [next in thread]
List: gnupg-users
Subject: Re: Migrating keys
From: "Adrian 'Dagurashibanipal' von Bidder" <avbidder () fortytwo ! ch>
Date: 2003-11-26 19:33:43
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
On Wednesday 26 November 2003 20:08, Neil Williams wrote:
> On Wednesday 26 Nov 2003 7:40 am, Adrian 'Dagurashibanipal' von Bidder
wrote:
> > On Tuesday 25 November 2003 20:49, Neil Williams wrote:
> > > I've thought about that before and I've put a page on the DCLUG website
> > > that outlines what I hope is a decent method. Now's as good a time as
> > > any to ask if others think it'll work!
> > > http://www.dclug.org.uk/linux_doc/gnupgsign.html#transfer
> >
[...]
> As I suspected, it's usable in a situation where both parties still have
> non-email communication on an ongoing basis? This could be used to confirm
> or replace one of the steps - preventing someone attacking the email
> address from knowing the entire process.
Yes, I think that if I get a re-signing request *and* that person tells me on
a trusted channel that he sent me this mail I'd be inclined to sign it. Even
better if that person cross-signs the old and the new key. (But if we're
commuinicating through a trusted channel, it would be easy to just also give
the fingerprint, or at least the keyid, of the new key.)
cheers
-- vbi
--
featured product: the KDE desktop - http://kde.org
[Attachment #5 (application/pgp-signature)]
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic