keysigning ?= UIDsigning
Wed, 28 Jun 2000 20:46:27 -0400
Content-Type: text/plain; charset=us-ascii
On Wed, Jun 28, 2000 at 07:34:24PM -0400, Billy Donahue wrote:
> You accumulate signatures on your UID+key, not the key itself.
> A signature asserts a relation of a UID to the key.
=2E..but a fingerprint or keyid doesn't assert UID at all. So, when you're=
at a keysigning party, you should demand the UID as well?
Hmmm. I think I agree with this, but I suggest a change to the docs to=20
add as the primary UID only information that should never change, and add
UIDs later to contain email addresses and other ephemeral info after it.
It'd be a shame to get plenty of signatures on a single-UID key and have
your ISP go tits-up. =20
Chad Miller <email@example.com> URL: http://web.chad.org/ (GPG)
"Any technology distinguishable from magic is insufficiently advanced".
First corollary to Clarke's Third Law (Jargon File, v4.2.0, 'magic')
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
-----END PGP SIGNATURE-----