Hi, The following users are spamming the AUR comments: - https://aur.archlinux.org/account/dhavalpatel/comments - https://aur.archlinux.org/account/badmanlive/comments - https://aur.archlinux.org/account/badmanlive/comments Regards, Ali Mousavi
On 2019-06-22 13:15:21 (+0430), ali.mousavi--- via aur-general wrote:
The following users are spamming the AUR comments: - https://aur.archlinux.org/account/dhavalpatel/comments - https://aur.archlinux.org/account/badmanlive/comments Thanks, taken care of!
Best, David -- https://sleepmap.de
May i know what is that "signature.asc" file most of the members are attaching to their mail? On Sat, 22 Jun 2019, 3:12 pm David Runge, <dave@sleepmap.de> wrote:
On 2019-06-22 13:15:21 (+0430), ali.mousavi--- via aur-general wrote:
The following users are spamming the AUR comments: - https://aur.archlinux.org/account/dhavalpatel/comments - https://aur.archlinux.org/account/badmanlive/comments Thanks, taken care of!
Best, David
They are PGP digital signatures: https://en.wikipedia.org/wiki/Pretty_Good_Privacy Best regards, Frederick Zhang --- Email: frederick888@tsundere.moe
On 23 Jun 2019, at 12:32 pm, Ram Kumar via aur-general <aur-general@archlinux.org> wrote:
May i know what is that "signature.asc" file most of the members are attaching to their mail?
On Sat, 22 Jun 2019, 3:12 pm David Runge, <dave@sleepmap.de> wrote:
On 2019-06-22 13:15:21 (+0430), ali.mousavi--- via aur-general wrote:
The following users are spamming the AUR comments: - https://aur.archlinux.org/account/dhavalpatel/comments - https://aur.archlinux.org/account/badmanlive/comments Thanks, taken care of!
Best, David
the signature which is attached here with, is a public key of yours and can be used to encrypt the messages which are to be sent to you, and you can decrypt it using ur private key. Am i understood correctly? On Sun, 23 Jun 2019 at 08:16, Frederick Zhang <frederick888@tsundere.moe> wrote:
They are PGP digital signatures: https://en.wikipedia.org/wiki/Pretty_Good_Privacy
Best regards, Frederick Zhang --- Email: frederick888@tsundere.moe
On 23 Jun 2019, at 12:32 pm, Ram Kumar via aur-general < aur-general@archlinux.org> wrote:
May i know what is that "signature.asc" file most of the members are attaching to their mail?
On Sat, 22 Jun 2019, 3:12 pm David Runge, <dave@sleepmap.de> wrote:
On 2019-06-22 13:15:21 (+0430), ali.mousavi--- via aur-general wrote:
The following users are spamming the AUR comments: - https://aur.archlinux.org/account/dhavalpatel/comments - https://aur.archlinux.org/account/badmanlive/comments Thanks, taken care of!
Best, David
On Mon, 24 Jun 2019 11:25:04 +0530, Ram Kumar via aur-general wrote:
the signature which is attached here with, is a public key of yours and can be used to encrypt the messages which are to be sent to you, and you can decrypt it using ur private key.
Am i understood correctly?
The purpose of signing messages, which is usually frowned upon on almost all mailing lists, ensures that the content of a mail can't be changed without getting attantion and to ensure that the sender _is_ really the sender and not just somebody who pretends to be the sender. This works even while those mails are _not_ encrypted. You need to import the public key, to verify the signed email and you need to maintain a web of trust, to verify the imported key first.
On Mon, 24 Jun 2019 08:27:58 +0200, Ralf Mardorf wrote:
On Mon, 24 Jun 2019 11:25:04 +0530, Ram Kumar via aur-general wrote:
the signature which is attached here with, is a public key of yours and can be used to encrypt the messages which are to be sent to you, and you can decrypt it using ur private key.
Am i understood correctly?
The purpose of signing messages, which is usually frowned upon on almost all mailing lists, ensures that the content of a mail can't be changed without getting attantion and to ensure that the sender _is_ really the sender and not just somebody who pretends to be the sender. This works even while those mails are _not_ encrypted. You need to import the public key, to verify the signed email and you need to maintain a web of trust, to verify the imported key first.
PS: My apologies, I forgot to point out, no, you are mistaken. Actually it is possible to attach the public key to an email, too, but you are referring to the signing. It's the "code" to verify the signed email, not the public key. You still need to get the key from somewhere. Usually it was uploaded to a keyserver from where you could download it and then you need to import the key.
participants (5)
-
ali.mousavi@gmail.com
-
David Runge
-
Frederick Zhang
-
Ralf Mardorf
-
Ram Kumar