[SlugLUG] Enigmail/gpg
Ignacio Solis
isolis at igso.net
Tue Mar 21 16:44:24 PST 2006
* Eric Carter (eacarter at ucsc.edu) said:
> Whats it mean that I've got UNTRUSTED Good keys for both of you?
Your program can verify that the sender of the message does indeed have that
key. What it can't verify is that the key is actually from me, Nacho. (as
opposed to someone saying they're nacho).
You have to tell gpg/pgp to trust the key. You sign it with your key,
indicating that you checked this person is who they say they are.
There is a second thing called a trust-db. This is where you (secretly) assing
a trust value to the person. Saying: "I trust this person to sign only keys he
as _really_ checked", as opposed to saying "this person will sign anybody, even
witout meeting them".
> Is there an easy way to get my key from Enigmail to public key servers?
Get your key out and send it. Which, if you're using normal gpg will probably
translate to:
gpg --keyserver hkp://subkeys.pgp.net --send-keys eacarter at ucsc.edu
(assuming that's they email of the key you're trying to send).
Nacho
--
Homepage: http://www.igso.net/~isolis/ | EEE8 08C9 FBAE B471 9691
GPG Public Key: http://www.igso.net/isolis.gpg | CE7A 1CC8 D3DE B31E 10AB
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://sluglug.ucsc.edu/pipermail/sluglug/attachments/20060321/41e9675f/attachment.pgp
More information about the Sluglug
mailing list