Adding a UserID to Your Key

Lawrence Chin kurtc1972 at gmail.com
Sat Oct 4 22:44:02 CEST 2008 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Kara wrote:
> ====
> 
> Reference your 26 Sep (1859 -0700) "signing documents and others":
> 
>> ...(5) How to add an additional UID to my kurt c key on the
>> keyserver? I want to add my real name to it.
> 
> Go to "Thunderbird | OpenPGP | Key Management" and highlight your key.
>  Then on the same "Key Management" screen go to "Edit | Manage User
> ID" and on the lower left of the resulting screen click on "Add."
> 
> Complete the resulting screen as desired and click on "OK," and then
> on the resulting screen enter your key's passphrase and you're done.
> 
> ====
> 
> Another way would be do use your computer's terminal mode program and
> do the same sort of thing via the GPG command line procedure.  If you
> don't currently know how to do that, let me know and I'll be glad to
> provide a quick step by step outline.
> 
> I'm not doing that here since I assume you're in a hurry to make the
> change and since you are using Enigmail, I'm providing instructions
> for that.  However, when and as you're comfortable with using GPG, I
> urge you to gradually ease into some of the basic uses of the GPG
> command line procedures as the need arises and your time permits.
> 
>     Enigmail, like any Graphic User Interface (GUI) for GPG
>     or PGP only allows you to access some of the most commonly
>     used commands of those two programs.  It's only through the
>     use of the GPG or PGP command line procedures that you are
>     able to access all of the capabilities of either program.
> 
> ====
> 
> Regarding adding a userID to your current key:
> 
>     a.  That's a good way to go if you don't mind individuals
>         using your key being aware of both your real name and
>         your pseudonymous name.
> 
>     b.  If you wish to keep those two identities totally separate,
>         then you would probable wish to establish one key for
>         each.
> 
>     c.  In making the above decision, keep in mind that once you
>         (or someone else) uploads your subpara "a" key above to
>         a public keyserver, you are stuck with it forever since
>         currently there is no way to remove your key from the
>         public keyserver.  You can revoke the key, you can revoke
>         the two differently named userIDs, etc but despite your
>         uploading a key with those revocations, those changes are
>         only "added" to your key as originally posted.  Nothing
>         once posted can be removed.
> 
>              As an extreme example, if someone signs your
>              key with a key that includes the comment
>              "Lawrence hates the Pope, Jews, and Blacks"
>              and then uploads your key to a public
>              keyserver, that signatures will remain on your
>              key essentially forever no matter how distasteful
>              or maddening such a comment is.  You can't remove
>              the signature and you can't revoke it.  And even
>              if the individual who signed the key subsequently
>              revokes his signature, that signature (and its
>              revocation) will still continue to be shown on
>              your key as displayed on the public keyservers.
>              Again, even if you revoke the key, it will remain
>              on the public keyservers (albeit, shown as revoked).
> 
>     d.  And whether you want your key uploaded to a public keyserver
>         or not, you can almost be positive that eventually it will
>         be by someone who does so thinking they are being helpful or
>         by someone who just wants to annoy you since he or she knows
>         you don't want your key uploaded there.  <SIGH>
> 
> ====
> 
> I won't be able to respond to your query on how to structure your two
> e-mail accounts until late Sat probably due to unexpected company
> having arrived.
> 
> Best wishes for an enjoyable weekend.
> 
> 
> Timestamp: Sat 27 Sep 2008, 0017 Local (UTC -0400)
> 
> ====
Hi everyone, I want to propose something. Kara has been very patiently
helping me with my questions on the board about how to use GnuPG and
Enigmail, as is here. However, on two occasions she used sensitive words
in her examples as in the "extreme example" here. It didn't just keep me
scared all night and day due to my weak nervous system, but it has
bothered me for over a whole week for another reason. I want to propose
that we all use absolutely untainted clean language when we send
encrypted emails (like this one is encrypted) so that we wouldn't give
authority a reason to take away this privilege of ours to use
encryption. It should be part of our ethic in using encryption.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkjn1HQACgkQE7PX/Y51jV/+mQCgj/A+g4W8koqdupOylywssFSr
rkMAoKW/8vYRq06ou0PWV8IoNLdTyXbm
=kl65
-----END PGP SIGNATURE-----

More information about the Gnupg-users mailing list