[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] emailing public dsa key (good, bad or ugly?)

Subject: [ale] emailing public dsa key (good, bad or ugly?)
From: dcorbin at machturtle.com (David Corbin)
Date: Wed, 25 Jan 2006 14:37:23 -0500
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]> <[email protected]>

On Wednesday 25 January 2006 06:52 pm, Michael Hirsch wrote:
> Why bother?  Why not just send the public key?  Isn't that why it's called
> "public"?  It should be safe to publish the key in an newspaper or blog. 
> Is there a risk we haven't heard of?
>
> You solution requires him to publish his public GPG key.  Doesn't the same
> question apply?

The issue, I think, is one of idenitity/integrity.  How does the reciever know 
the key he recieves has not been "tweaked" during the sending?  That is, it's 
not that the public key is "something to hide", it's just something to be 
SURE is from who you think it's from.

David.

Follow-Ups:
- [ale] emailing public dsa key (good, bad or ugly?)
  - From: ale at sixit.com (Robert Reese)

References:
- [ale] emailing public dsa key (good, bad or ugly?)
  - From: jakes.dad at gmail.com (Sid Lane)
- [ale] emailing public dsa key (good, bad or ugly?)
  - From: jkinney at localnetsolutions.com (James P. Kinney III)
- [ale] emailing public dsa key (good, bad or ugly?)
  - From: mdhirsch at gmail.com (Michael Hirsch)

Prev by Date: [ale] Printer troubles
Next by Date: [ale] emailing public dsa key (good, bad or ugly?)
Previous by thread: [ale] emailing public dsa key (good, bad or ugly?)
Next by thread: [ale] emailing public dsa key (good, bad or ugly?)
Index(es):
- Date
- Thread