I dont quite understand your question, but in PGP 6.0, they will use pictures aswell.. It is all fakeable.. but verify all info somehow verify key-id, fingerprint, picture etc. -- Max Inux (MaxInux@bigfoot.com) UIN: 207447, http://khercs.chipware.net Strong Cryptography makes the world a safer place- PGP: 0x5CCFCA59 Or Kinky sex makes the world go round- Christie: Your in my sig too ^^ If Cryptography is outlawed, only outlaws will have cryptography ^^ On Wed, 22 Jul 1998, Gustavo Henrique wrote:
I've just started studying pgp and crypo and I have a doubt that maybe you can answer.
Correct me if I'm wrong: the fingerprint was invented so you can check with the owner of the public key if his key is correct. Since the fingerprint is something small, you can check it over the phone or some other way.
The question is: why people put their fingerprints on a mail signature ? Some one could have changed his public key and changed his message, so that fingerprint will match a wrong public key. Isn't it the same nonsense as putting the public key in an email message (without signing nor encrypting it) ?
Thanks for the attention,
Gustavo Henrique
============================================================= Gustavo Henrique Maultasch de Oliveira Sysadmin.com.br
gustavoh@sysadmin.com.br http://www.sysadmin.com.br =============================================================