[spam][joke][cryptotragedy] checking signatures on boot media
Stefan Claas
spam.trap.mailing.lists at gmail.com
Wed Nov 3 15:33:23 PDT 2021
On Wed, Nov 3, 2021 at 5:11 PM Karl <gmkarl at gmail.com> wrote:
>
> the guy wasn't from openpgp.org, and coderman posted it to this list in 2019: https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f
>
> the new keyserver is called hockeypuck I believe.
Hi Karl,
Why do you still rely on OpenPGP WoT signatures, when it comes
to cryptography? If we both or you with others would use an offline
device for key pair creation (and message generation) and then say
would use NaClbox or age, for example, you don't have to deal with
all this key management stuff, which is IMHO really annoying, when
you have to use PGP on a daily basis, with several communication
partners.
The (Open)BSD folks, for example, switched long ago to signify,
for package signing and sequoia-pgp (Testimonial by Mr. Zimmermann)
no longer uses key signing for a WoT.
Best regards
Stefan
More information about the cypherpunks
mailing list