Slightly OT: GPG and PGP Global Network

Jason Stephenson jason at sigio.com
Fri Dec 10 22:01:01 EST 2004


About 3 years ago, I published my public key to a PGP keyserver. It has 
two signatures from friends. I have not used it other than a half-dozen 
times during the first year after publishing it, in fact, I'd almost 
forgotten about it.

Tonight, I received a message from the PGP Global Network to verify that 
the key they have for my email address is correct. I have the option to 
Accept or Cancel.

One of the email addresses associated with this key is no longer valid 
for me.

I'm wondering if I should 'Cancel' the key and generate a new one 
(though I'll likely not use it), or should I 'Accept' the key and then 
publish my revocation certificate to the server. What do those of you 
who use PGP/GPG on a regular basis think is the better course of action?

Just as an aside, has anyone ever used encryption with Mozilla/Netscape 
email? I understand that it uses a certificate to identify the user and 
that you can get one from several sources. Is it compatible with PGP or 
is it something else entirely?

Yes, I know there is a GPG plugin for Mozilla Email and I have 
considered using it. I just haven't bothered downloading the code.

TIA,
Jason



More information about the gnhlug-discuss mailing list