gpg experts?

Alan Dayley alandd at consultpros.com
Thu Feb 15 09:44:48 MST 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Darrin Chandler wrote:
> Of course it's possible. It's a lot easier with the private keys in
> hand. Just contact the NSA and see if you can borrow some of their
> computers for a while. Ok, maybe it's not practical... ;)
> 
> I don't know what mechanisms are in place now, but I don't think you can
> revoke at this point, either. Otherwise I can revoke your keys.
> 
> For normal use, none of this turns out to be an issue. Most people don't
> usually bother with a formal trust heirarchy and use the "web of trust."
> Heck, most people don't even bother doing that, and some don't even put
> their keys on the keyservers.
> 
> FYI, those of you who sign every message and don't have your key on a
> keyserver aren't accomplishing anything for the likes of us on this
> list. Nobody has the slightest way of telling if it's really you with
> any level of confidence. Maybe we should have mini key signing parties
> at the meetings...

I have my current key, 242E1596, and past ones on pgp.mit.edu.  My
current key has a long and unique pass phrase that is a pain to type
sometimes but is very hard to forget.

My other keys on that server are there to stay.  I was sloppy about
remembering the pass phrase or backing up the private key so cannot
revoke them.  Thus, I am a fan of pgp but have added to the clutter, for
which I apologize to the world.

They used to do a round robin of servers via wwwkeys.pgp.net.  I have
found that to be unreliable, however.  My email client uses the
following servers to look up keys:

pgp.mit.edu, random.sks.keyserver.penguin.de, subkeys.pgp.net,
ldap://certserver.pgp.com

These servers are included in the Enigmail extension to Thunderbird,
which makes key usage as easy as I have every seen.

A key signing party, or mini-party would be good to do.  Maybe I'll
start doing it 20 minutes before the Devel Meetings, just to do my part.
 That means I'll have to setup for the meeting earlier.  It's a
challenge at times to get setup for the 7:00PM start time but that is my
own fault!  ;^)

Alan

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org

iD8DBQFF1I4ADQw/VSQuFZYRAvKHAJ9DoKnvMeY4/+Ympp4UIj/q6GetKgCeNIZS
OueVgdJMf62AoWnFb/eyrew=
=N/Td
-----END PGP SIGNATURE-----


More information about the PLUG-discuss mailing list