[horde] Importing PGP keys
Arjen de Korte
arjen+horde at de-korte.org
Thu Aug 27 13:40:06 UTC 2015
Citeren Stefan Suurmeijer <stefan at raptorweb.nl>:
> Hi Jan/List,
>
> a different question: the PGP encryption option in webmail is great, but
> is it strictly necessary to manually import a public key for every
> recipient you want to send to?
Yes. If you want/need to send encrypted messages, you must make
absolutely sure that the public keys belongs to the person you want to
send a message to (and not from someone who is impersonating this
person and uploaded a rogue key to the public keyservers). Horde can't
do that for you automatically, this needs to be done by other means
(checking in person, web-of-trust, etc).
> If so, what is the keyserver option under horde -> gnupg for, if not for
> importing keys?
For verifying signatures. Even then, if a key was found on a public
keyserver, Horde will show that the signature is valid, but still
emits a warning that it is not trusted.
--
This message was sent from a mailinglist subscription address.
For off-list replies, you must remove the address extension.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 473 bytes
Desc: PGP digitale ondertekening
URL: <http://lists.horde.org/archives/horde/attachments/20150827/7679ba4c/attachment.bin>
More information about the horde
mailing list