[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Well now that we're signing...



-----BEGIN PGP SIGNED MESSAGE-----

I disagree also with posting public keys to the list, but I think
anyone who signs their messages should either have their key in the
keyservers or should at least provide information on how to get the
key along with the message. Why bother signing if your key is
not available?

Something I was wondering about is what should be done with
signatures that don't check out. For the most part it is due to a
bug in the signing/mailing procedure, rather than an actual spoof.
Is there an ettiquette for contacting the person who posted the
missigned message. Do people want to know if their sigs didn't
check out?

- -Craig
�aig Steinberger                                [email protected]
SUNY at Buffalo CFD Lab        send mail with subject PGPKEY for PGP Key

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLuKKpMI9bVMUIPr9AQEqugQAgiPQaW6J0PuBuaCZB8+V2nXNCjRrdB68
N67rDSRwv82Kri+QDSIggbtuuuqAJp/u750x1CSCGWd+SgwPENs0mRlW+bEh5IB2
Oqq0GnQ6E8PdLvVDneAVdrdBymyz5csAgTCOKgRc90XPycMGi/aMa2Kk8KglAR4K
qZgVBN+P4XY=
=A66/
-----END PGP SIGNATURE-----