On Sat, 5 Jan 2013 20:38, iang(_at_)iang(_dot_)org said:
Fingerprints aren't really for the wire, and if you use them for the
wire, you're exercising your right to develop your own security model
and threat model. For my money - don't do that.
The fingerprint is used for an revocation key (5.2.3.15). However, your
policy may simply disallow the use of a revocation key if this is a
threat to you.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp