On 17.12.2016 09:52, Nico wrote: > But there is no way for me to check the full fingerprint. I first need > to import/download the key and then i can validate it. If it would be > shown directly with the full length, that'd be simpler and more secure. > Another option would be to add a hover text with the full fingerprint.
There is no such problem: https://pgp.mit.edu/pks/lookup?search=0x48B660CA&op=index&fingerprint=on just tell you want to knwo the fingerprint and the keyserver might tell you. and later after import check another time, as the connection could have been intercepted (X.509 and/or TLS aint perfect as well). Choose your thread model wisely
signature.asc
Description: OpenPGP digital signature
_______________________________________________ enigmail-users mailing list [email protected] To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
