sks-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] new keyserver online

From: C.J. Adams-Collier KF7BMP
Subject: Re: [Sks-devel] new keyserver online
Date: Sun, 22 Aug 2010 15:53:24 -0700
On Sun, 2010-08-22 at 23:56 +0200, Christoph Anton Mitterer wrote: 
On Sun, 2010-08-22 at 14:48 -0700, C.J. Adams-Collier KF7BMP wrote:
> It was published on a CD, signed by Philipp Kern <address@hidden>, a
> Debian Developer whose identity was verified in person by another DD:
And you believe that Philipp has met officials for all the CAs included
in the Mozilla bundle and verified them?

He explicitly states that he has not audited them.


Mozilla itself just takes them from WebTrust, IIRC,... and we've already
seen recently how securely Mozilla handles this (when they've had a CA
included, from which they didn't even know to whom it belongs).
http://www.mozilla.org/projects/security/certs/policy/


Nevertheless.... I still don't understand what you actually want.
The output of the following would be sufficient:

$ echo "hello world" | gpg --digest-algo sha256 --clearsign

Attachment: signature.asc
Description: This is a digitally signed message part

reply via email to
[Prev in Thread] Current Thread [Next in Thread]