-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Saturday 2005-07-02 at 14:28 +0200, Theo v. Werkhoven wrote:
Exactly so. Some one was routinely forging email with in my name, on a SuSE list....
But we've never met IRL, so how do I know that that GPG id 6D8D47D5 belongs to the real mr. Carlos E.R. (who, for all we know, could be an avid Windows XP enthousiast who only ever sees MSDN)?
True. That's the problem with gpg/pgp, that it lacks a certification authority. It rely instead on a "web of trust". But, you can know whether an email claiming to come from me, with insults, and therefore suspicious at least, has the same identity than other emails of the same person sent previously over the months. It is the only thing I can do... - -- Cheers, Carlos Robinson -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFCxo42tTMYHG2NR9URAiWuAKCIjwt9TabZENjEv8Zz4qAygZLDdwCgi0/W wVdDoCLGFRn1ANfdUnYYkwM= =r6K1 -----END PGP SIGNATURE-----