19 Dec
2018
19 Dec
'18
4:01 p.m.
W dniu 19.12.2018 o 15:21, Steve McIntyre pisze:
On Wed, Dec 19, 2018 at 12:26:00PM +0100, Arnd Bergmann wrote:
I get asked about keysigning occasionally, and tend to sign other people's GPG encryption keys that I meet at conferences.
That's good idea. Count me in.
- Make sure that you have Linaro business cards with your current
full key fingerprint on them.
FTAOD: I assime you're not suggesting that business cards are ID! Before signing things, also check whatever ID you can.
ID check is mandatory for me. There were keysigning events where I refused to sign keys for several people due to photo/face mismatch (usually teens).
- Debian people often (maybe mostly?) will prefer to send encrypted mail to each UID you present, using a tool like caff [1] to automate the process. That validates that you can also at least receive and decrypt mail sent to each address you're claiming to own.
caff ftw!