----- Original Message -----
From: "Kurt Roeckx" <[EMAIL PROTECTED]>
> Should I point out that a "fingerprint" is nothing more than a
> hash?

If somebody shows you their passport to prove who they are and then gives
you a fingerprint of their PGP key, they have implicitly signed that
fingerprint. By contrast, a simple MD5 checksum of a binary sitting on the
same server is effectively unsigned.

You might like to do a little reading on PKI and how it works, before you
make further comment.



---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]

Reply via email to