[talk] How I stopped worrying, and learned to love GPG
mirimir at riseup.net
Sun Feb 22 00:06:56 EST 2015
On 02/21/2015 08:39 PM, Charles Sprickman wrote:
> I dont have anything to contribute, but following one of the links
> for one of the other projects landed me here, and it’s a great read:
It's an amusing article, but largely beside the point. For me anyway. I
may read someone's stuff in a public forum, and want to converse in
private. So I find their public key, and I email them. And by "them", I
mean whomever controls the email address that they seem to be using.
Maybe they're actually Yakuza. But then, maybe I'm Triad ;)
> [Back to my words, which I’m stating in case this is all mangled]
> Oh, and shall we talk about Enigmail and how it might turn normal
> people off to the idea of encrypting their email? Or about what
> strange mangling some will experience when trying to read this
> Mail.app/MacGPG monstrosity has stitched together because I chose to
> sign this email?
I'm currently using Thunderbird+Enigmail in Ubuntu, and see nothing odd
about your message. Perhaps others might share about "mangling".
> Or that when some of you look up my key you’ll find
> two and wonder if one is the result of some earlier NSA
> kidnapping stunt?
Getting your public key was entirely transparent. Initially, I saw
"Unverified signature; click on 'Details' button for more information".
Clicking on "Details", I selected "Import Public Key" and used the
default <pool.sks-keyservers.net>. That yielded a key with fingerprint
"09BC 2152 0D23 9583 CAE5 068A 8995 219C FE86 A4F6". Is that correct?
But perhaps you have other keys, on other keyservers. And maybe one of
them has been compromised, and you can't revoke it. That's why I like
<keybase.io>. You could link your current public key to blogs, online
accounts, etc. So I would know which one to use.
>> talk mailing list
>> talk at lists.nycbug.org
> talk mailing list
> talk at lists.nycbug.org
More information about the talk