[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: mysterious PGP release-signing keys




-----BEGIN PGP SIGNED MESSAGE-----

Hi Alex!

> This is yet another a good example of why one should never confuse using PK 
> certificates with security.  An email PGP signature looks impressive but in
> practice it is useless.

It is usefull iff you can verify the validity of the used PK certificate.
That's what the web of trust in PGP is for.

Cheers,
Patrick

- ---
PGP-KeyID: DD934139 ([email protected])    encrypt mail with PGP if possible
more about PGP on http://www.rubin.ch/pgp/ (english and german)
what ist the web of trust? see http://www.rubin.ch/pgp/weboftrust.en.html
Das Vertrauensnetz von PGP:    http://www.rubin.ch/pgp/weboftrust.de.html

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQESAwUBNoH0kpVgYabdk0E5AQHENgfjBRrYXjTfvo6NMbx/ktK23yeiKibeTfSZ
lbjZCdT+Vp433IAAtz4EHgC1vbSHaA04CdvPrX2cTYqeJAP7RQzGgbZVg7P9p23C
rFYoPtLdCXEiH9GDG48TuqFTUBvJrLMIZXIoSS/ZhMQMASim9zDF/gLQP0/VGicc
QwCjwogFed+R0uvoleZh0YhhEnkIKkLDM4a9pDcLKi9uryspeD6VrWevegmJpzXM
aSQBlpMuTdOXcmaThEqgblP7YeAzK8Q4IdT2oNsCpUx4DntzX/bJ5fOKYjRLdy10
4ctSlXOqYOWZmjVnF4lRFDmI1dwfX0hf7uHTBRG6lh913hAIVg==
=ktwt
-----END PGP SIGNATURE-----