7.9.1 ProblemYou want to obtain a friend's public key securely but conveniently. 7.9.2 SolutionMost securely, get the public key on disk directly from your friend in person. Barring that:
7.9.3 DiscussionPublic keys are not secret, but they do require trust: the trust that a given key actually belongs to its alleged owner. A fingerprint can provide that trust in a convenient form, easy to read aloud over a telephone. Always verify the fingerprint before trusting a public key. If you don't, consider this scenario:
7.9.4 See Alsogpg(1). |