[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Tor binary signatures
JT wrote:
> Hi,
>
> thx for the link!! Great!
>
> I have been using PGP for a while but never used a keyserver.
> I checked out the one at noreply. To make my key known to the world I
> only have to paste it into that form and all other keyservers will
> synch?
> Is that correct?
I think most big, public keyservers sync with each other, yes.
> But then anybody could use the Name "Roger Dingledine" and add a key, or
> not?
Right. Which is why you should verify the key ID out-of-band (e.g. in
person at a conference) and/or work on developing your web of trust
(http://www.gnupg.org/gph/en/manual/x547.html).
Steve