[kdepim-users] Fingerprint: where?

Ingo Klöcker kloecker at kde.org
Tue Jan 6 18:56:42 GMT 2009


On Tuesday 06 January 2009, Anne Wilson wrote:
> On Tuesday 06 January 2009 13:04:30 Kishore wrote:
> > On Tuesday 06 Jan 2009 2:32:49 pm Anne Wilson wrote:
> > > On Monday 05 January 2009 23:01:53 Ingo Klöcker wrote:
> > > > On Monday 05 January 2009, Dexter Filmore wrote:
> > > > > Am Montag, 5. Januar 2009 20:39:09 schrieb Anne Wilson:
> > > > > > On Monday 05 January 2009 18:20:29 Dexter Filmore wrote:
> > > > > > > So I had a closer look at GPG.
> > > > > > > Gettign there.
> > > > > > > Now - where's a godd place to put my fingerprint?
> > > > > > > eMail signature? Business Card? Letterbox? T-Shirt?
> > > > > >
> > > > > > You could do any of those, but some might be more efficient
> > > > > > than others :-)
> > > > >
> > > > > so the mail sig as a good place?
> > > >
> > > > No. See my message.
> > > >
> > > > > Should I announce which key server I used as well?
> > > >
> > > > Not necessary since (almost) all key servers synchronize their
> > > > data bases. (Those key servers not doing so are not worth
> > > > using.)
> > > >
> > > > > > > What's the easiest way to add one's public key with
> > > > > > > KMail?
> > > > > >
> > > > > > In KMail > Settings > Configure KMail > Identities > select
> > > > > > identity, and Modify > Cryptography tab.  You should be
> > > > > > able to use the Change button to add your key for signing
> > > > > > and for encryption.
> > > > >
> > > > > Ah, misunderstanding: I meant: someone writes me a signed
> > > > > mail and I want to import his/her PK.
> > > > > Yours for example. There's no button or such like "import
> > > > > public key from server X"
> > > >
> > > > One way to do it is clicking on Show Details, double clicking
> > > > on the key ID, pressing Alt+F2, typing 'gpg --recv-keys ',
> > > > middle clicking behind the typed text (to paste the key ID),
> > > > pressing Enter.
> > > >
> > > > Not very convenient, but probably the fastest way to do it.
> > >
> > > There is another option that you may or may not want to use.  On
> > > the kmail Configure menu, Security section there is an option to
> > > automatically import keys and certificates.
> > >
> > > The upside is that it all happens transparently.  The downside is
> > > that it imports every key it encounters, so your keyring might
> > > become quite large, and there is a noticeable delay while it
> > > fetches keys when it encounters one it doesn't already know.  Of
> > > course if you are meeting the same keys over and over that would
> > > be a fairly irregular occasion.
> >
> > I just checked that i have that option set but to no effect.
>
> There does seem to have been a lot of problems with gpg and recent
> kmail versions.  It used to work perfectly, but I agree that Ingo's
> method imported the key, suggesting that the auto-import is broken in
> this version (1.10.3).
>
> > > Your choice.  Ingo's method is perfect for importing single keys.
> >
> > I tried what ingo suggested and now the message has changed. It
> > still says "not enough information to..." but has changed the
> > details to read "The signature is valid, but the key's validity is
> > unknown". Can I fix that?
>
> I don't think there is anything to fix.  I understand it to say that
> the key has not expired or been revoked, so in that sense it's valid,
> but the key has not been counter-signed by anyone prepared to say
> that they have checked that Dexter really is Dexter :-)  In that
> sense, the validity is unknown.

More precisely, there is no trusted path in the web-of-trust between 
Dexter's key and Kishore's key (given that Kishore does actually have a 
key) certifying the validity of Dexter's key from Kishore's point of 
view.


Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kdepim-users/attachments/20090106/6c6a206d/attachment.sig>
-------------- next part --------------
_______________________________________________
KDE PIM users mailing list
kdepim-users at kde.org
https://mail.kde.org/mailman/listinfo/kdepim-users


More information about the kdepim-users mailing list