Proposed business card format changes
inode0
inode0 at gmail.com
Wed Jul 1 18:14:16 UTC 2009
On Wed, Jul 1, 2009 at 1:07 PM, Frank Murphy<frankly3d at gmail.com> wrote:
> On 01/07/09 19:03, Larry Cafiero wrote:
>>
>> On Wed, Jul 1, 2009 at 10:43 AM, inode0 <inode0 at gmail.com
>> <mailto:inode0 at gmail.com>> wrote:
>>
>>
>> You cannot validate an imported key without having access to the full
>> fingerprint. You should always validate the key's fingerprint with the
>> key's owner before signing it. You can call the person or use some
>> other means, it is convenient for people if it is just on the card.
>>
>>
>> So let me make sure I'm following this (while exposing what a noob I am
>> in this regard): I would validate an imported key from you by checking
>> what's on my screen against the full fingerprint on your business card.
>> Is that the rationale and benefit of having the full fingerprint on the
>> card?
>>
>
> You should only validate, if also you have seen picture ID.
Well, if you don't believe in the web of trust. :)
John
More information about the Fedora-marketing-list
mailing list