SLUG Mailing List Archives
[SLUG] Re: GnuPG key signatures - tools to automate accepting them?
- To: "SLUG List" <slug@xxxxxxxxxxx>
- Subject: [SLUG] Re: GnuPG key signatures - tools to automate accepting them?
- From: "Amos Shapira" <amos.shapira@xxxxxxxxx>
- Date: Wed, 14 Feb 2007 09:53:02 +1100
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=kmXvpdNS4oos2qC/IBGMYD4DUs1jgMnqVLAGuknpwuPR/xCl3YPVwqgzGIjA/epNrSexekDTa7Mn3q4vV+KGl3WVAxZvcSRtHJbQDr5Xl2/W9trOBtdMB1wT0ViNYLxHGuw8pvywXT/fLMNJuqNmWshZi62N36IuySbtZtXrFz4=
On 14/02/07, Hamish Moffatt <hamish@xxxxxxxxxxxx> wrote:
caff deliberately does not upload other people's signatures directly,
I don't know if there is some etiquette-related reason for doing that.
Yes actually there is - people might not want their key to be available on
public servers for various reasons (it weakens the key's security a bit,
spam bots harvest addresses, privacy and more).
So the proper thing is to e-mail the signed key back to its owner. Be aware
that once you submit a key to the keyservers there is no way to delete it
(or at least that's what I read in the MIT key server's documentation).