17 Jan
2017
17 Jan
'17
5:11 a.m.
On 01/16/2017 11:00 PM, James A. Donald wrote:
Is hard.
Suppose I want to talk to you about something that is actually important. I ask you to email me your public key. How do I know that the key I receive is the key you sent?
If you think someone's monkeying with your email, then you don't do the key exchange that way, you do it in person or at the very least you verify it in person or over the phone.
One solution is to make your public key as public as possible, affix it to all your communications and never change it.
But you are not doing that.
That's what keyservers are for. Affixing the key to every message is a needless waste of space. -- Shawn K. Quinn <skquinn@rushpost.com> http://www.rantroulette.com http://www.skqrecordquest.com