Fwd: PGP Signing
Allan Irving
allanirving at allanirving.co.uk
Fri Jul 18 13:44:53 UTC 2014
Think I understand it now! :)
With the smart card, I presume I don't need to worry about creating a
separate signing key etc? Saw it in the original Debian guide and it was
confusing as hell
*This message, and any attachments to it, may contain information that is
privileged, confidential, copyrighted and exempt from disclosure under
applicable law. If the reader of this message is not the intended
recipient, you are notified that any use, dissemination, distribution,
copying, or communication of this message is strictly prohibited. If you
have received this message in error, please notify the sender immediately
by return email and delete the message and any attachments. *
On 18 July 2014 13:25, Jann Eike Kruse <jannkruse at fsfe.org> wrote:
> On 18/07/14 15:19, Allan Irving wrote:
> > I follow the stuff regarding who to sign etc.
> >
> > So, what's the best way to keep it all in check after I receive a
> > signature? Have them reupload it to a key server, preferably the main
> one -
> > I should then download this and reupload it to my website accordingly as
> it
> > will now contain a signature?
> >
> > I presume a signature takes up little space else someone with many sigs
> > could find they have a massive key?
>
> All correct!
> That's a reasonable way to handle it IMO.
>
> Some keys are a bit massive, if they have hundreds of signatures. For
> example this one:
>
> http://pgp.mit.edu/pks/lookup?op=get&search=0xD2BB0D0165D0FD58
>
> Best,
> Jann
>
> --
> Sent with open-source Free Software. Respect your freedoms!
> Send me encrypted messages for privacy. OpenPGP key: 8a30148a
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fsfe.org/pipermail/discussion/attachments/20140718/089d3356/attachment.html>
More information about the Discussion
mailing list