Re: Migrating to GPG - A mini-HOWTO
Michael Stone <mstone@debian.org> writes:
On Tue, Sep 14, 1999 at 03:38:34PM +0200, Marco d'Itri wrote:
> I signed my DSS key with the old RSA key and then asked people who
> signed the old key to sign the new one with their DSS key.
> This is easy and secure.
Again, no it isn't. How do they know that someone didn't steal your pgp
key?=20
How is this different from the question ``How does dinstall (or other
person/program) know someone hasn't stolen [developer]'s PGP key?''
Reply to: