[Enigmail] First signed message
Robert Ryan
rbrtryn at gmail.com
Sun Aug 24 13:08:45 PDT 2008
On 8/24/2008 1:20 PM, James Gillespie wrote:
> I take it that having the link to my key in my message header
> suffices to allow my recipient to validate my signature
Putting a link in the message headers is really not a good solution.
Most of the message headers are hidden by default in most email clients.
The same goes for putting the link in the comment fields of the PGP
signature. These are usually hidden if the message verifies. The
recipient won't look for it unless they look at the message source.
If you want to include a link to your key, put it in a small text file
(also confusingly called a signature file) and have T'Bird put it at the
end of every message. For an example see below.
> but that having it on a keyserver is "best option" because this
> affords the convenience of automatic fetching and perhaps helps
> promote pgp use. Am I on the right track?
Putting the key up on the keyservers is the best option.
--
Robert Ryan
I prefer encrypted, signed email :)
My PGP keys: http://tinyurl.com/5snkgq
===================================
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 550 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20080824/0a31287d/attachment.bin>
More information about the Enigmail
mailing list