Unwanted additions to Keys

[Huels, Ralf KSV]

> You are mistaken. Anyone can add user-ids to any key. An implementation of
> OpenPGP done correctly will ignore user-ids that do not have valid
> self-signatures (IMHO), and you need the private key to make a
> self-signature, but that doesn't stop someone from adding a user-id to a
> key.

Ok. I tried adding a UID to someones key in GnuPG before my last message
and got a reject. I assumed that it was an OpenPGP feature but apparently 
it´s just a GnuPG feature.

> Been done. There is an "owner-update-only" flag in OpenPGP that the user
> can select, so that no one can update his key on the keyservers but
> himself.

I see. It does not seem to be widely advertised or even (as Werner pointed
out) widely used by the servers.

Tschuess,
Ralf

-- 
Ralf Hüls                                                  Bismarckplatz
KSV Kreditschutz-Vereinigung GmbH                           44866 Bochum
Score-Consult                                         Tel. 02327/9114-28
http://www.schufa.de/                                 Fax. 02327/8 40 27