Comment fields in the User ID [was: Re: Help me to import my secret key please]
expires2010 at ymail.com
Tue May 18 17:55:51 CEST 2010
-----BEGIN PGP SIGNED MESSAGE-----
On Monday 17 May 2010 at 9:54:38 PM, in
<mid:201005172254.39533 at thufir.ingo-kloecker.de>, Ingo Klöcker wrote:
> The problem with
> something like OpenPGP notations or anything else
> that's not part of the User ID is that most people
> will never see this information. Most people will only
> see the user IDs (because that's the only thing the
> applications they use show to them).
That's a good point. Even if checking signatures, such things might
not be shown to the user.
> Another use case would be marking a key as deprecated.
> First, you'd add a new user ID "This key is deprecated;
> use key 0xAABBCCDD instead" (okay, I'm not really
> using the comment field here) and then you'd revoke
> the signatures on all user IDs. Of course, there are
> other more appropriate ways defined in the spec to do
> this, but IMHO putting the information right in the
> users face is much more effective than hiding it in
> some obscure fields.
Presumably you would also make that User ID the primary one, so that
it had maximum visibility (-; Of course, anybody gaining control of
your secret key could do the same and suggest people used a key of
their own creation instead... Hopefully your contacts would check the
validity of the suggested replacement before encrypting to it.
MFPA mailto:expires2010 at ymail.com
Vegetarian: Indian word for lousy hunter!!!
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the Gnupg-users