Alternate user ids

Robert Levin levin at
Mon Jun 1 09:40:03 CEST 1998

On Mon, 1 Jun 1998, Werner Koch wrote:

> The solution is quite simple:  We use OpenPGP sub-packets (a private one
> for now) to store the hash of the key and the user id to be signed. If
> the signature of the user id which is directly signed is okay we can
> proceed and compare the hash values of the alternate user ids, if they
> compare okay we have a valid signature on the other user id too.  If
> they don't match we know that the signature is invalid or calculated
> on a user id which  has been removed.  This methods needs only 23
> additional bytes per signed  alternate user id compared to about 68
> for a complete DSA signature (or even more for an ElGamal signature).
> It also saves time, as the time consuming signature verification has
> only to be done once.

Sounds great.

Rob L.

More information about the Gnupg-devel mailing list