trust?
Werner Koch
wk at isil.d.shuttle.de
Wed Jan 27 14:16:37 CET 1999
Thomas Roessler <roessler at guug.de> writes:
> No. My problem lies in the fact that gpg assigns trust ("validity")
> values to public keys, not to the association between a key and a
> specific user ID, as far as I can tell. (At least I don't see any
Right. We had a discussion about this a long time ago and this is
definitely the right way to do it. I assume that a signator always
takes the same precautions when signing a user id regardless of the
form of user id. If you think he does not - don't trust the signator.
> > $ gpg --list-keys --with-colons
> > pub:q:2048:1:D2262944CE6AC6C1:1997-12-23::216:f:Thomas Roessler
>
> This is only information about the key and, maybe, about one user ID
> of that key.
You get all the user ids:
$ gpg --list-keys --with-colons 0C9857A5
pub:u:768:1:1D19F4C10C9857A5:1995-09-30::83:-:Werner Koch <werner.koch at guug.de>:
uid:::::::::Werner Koch (mein alter key) <wk at computer.org>:
> Type Bits/KeyID Date User ID
> pub 2048/93478F6B 1997/06/17 Fake alert. Don't use this key. % f-1
> sig! DD08DD6D 1997/06/19 Roland Rosenfeld <roland at spinnaker.rhein.de>
> sig!* 593238E1 1997/06/19 Thomas Roessler <roessler at guug.de>
> in-ca at individual.net SIGN EXPIRE:1998-12-31 Root CA des Individual Network e.V. <in-ca at individual.net>
A revocation certificate is the way to do this and not assigning
another user id.
> Or think about a key which has a certified user ID and self-signs
> another, bogus ID. The user must be able to tell the trusted ID
A self-signed but bogus user id ??
I know that we should have user id and certification revocations.
Werner
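
Added example, not part of the original message or of GnuPG: a small Python parser for the two --with-colons records quoted above, showing that the uid record carries no validity of its own, so every user ID ends up with the key's value. The field positions (2 = validity, 5 = key ID, 9 = ownertrust, 10 = user ID) and the \xNN escaping follow GnuPG's colon-listing format; the function names are hypothetical.

```python
import re

# The two records quoted in the message above (gpg --list-keys --with-colons).
SAMPLE = """\
pub:u:768:1:1D19F4C10C9857A5:1995-09-30::83:-:Werner Koch <werner.koch at guug.de>:
uid:::::::::Werner Koch (mein alter key) <wk at computer.org>:
"""

def unescape(field):
    # GnuPG writes ':' and other special bytes inside a field as \xNN.
    return re.sub(r"\\x([0-9A-Fa-f]{2})", lambda m: chr(int(m.group(1), 16)), field)

def parse_listing(text):
    """Group records into keys, each carrying its list of user IDs.

    Field positions: 1=record type, 2=validity, 3=key length, 5=key ID,
    9=ownertrust, 10=user ID.
    """
    keys = []
    for line in text.splitlines():
        f = line.split(":")
        if len(f) < 10 or f[0] not in ("pub", "uid"):
            continue
        if f[0] == "pub":
            keys.append({"keyid": f[4], "bits": int(f[2]), "validity": f[1],
                         "ownertrust": f[8], "uids": []})
            uid_validity = None          # field 2 of a pub record describes the key
        elif not keys:
            continue                     # uid record with no preceding pub record
        else:
            uid_validity = f[1] or None  # empty in the listing above
        if f[9]:
            keys[-1]["uids"].append((unescape(f[9]), uid_validity))
    return keys

def effective_validity(key):
    """Return (user ID, validity, source) for each user ID of one key.

    When the uid record has no validity of its own, the only value a consumer
    can use is the key's, so every user ID inherits it.
    """
    return [(uid, v, "uid") if v is not None else (uid, key["validity"], "key")
            for uid, v in key["uids"]]

if __name__ == "__main__":
    for key in parse_listing(SAMPLE):
        for uid, validity, source in effective_validity(key):
            print(f"{key['keyid']}  validity={validity} (from {source})  {uid}")
```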