keysigning ?= UIDsigning
Chad Miller
cmiller@surfsouth.com
Wed, 28 Jun 2000 20:46:27 -0400
--xHFwDpU9dbj6ez1V
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
On Wed, Jun 28, 2000 at 07:34:24PM -0400, Billy Donahue wrote:
> You accumulate signatures on your UID+key, not the key itself.
> A signature asserts a relation of a UID to the key.
=2E..but a fingerprint or keyid doesn't assert UID at all. So, when you're=
=20
at a keysigning party, you should demand the UID as well?
Hmmm. I think I agree with this, but I suggest a change to the docs to=20
add as the primary UID only information that should never change, and add
UIDs later to contain email addresses and other ephemeral info after it.
It'd be a shame to get plenty of signatures on a single-UID key and have
your ISP go tits-up. =20
- chad
--
Chad Miller <cmiller@surfsouth.com> URL: http://web.chad.org/ (GPG)
"Any technology distinguishable from magic is insufficiently advanced".
First corollary to Clarke's Third Law (Jargon File, v4.2.0, 'magic')
--xHFwDpU9dbj6ez1V
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE5WpxjQEOZop5pR9kRAj6mAJwOPWJKzXQFwPntX1SpecWrobdjygCgmtCv
0lKuij0NtbXD8tqRbhoImTc=
=4mhd
-----END PGP SIGNATURE-----
--xHFwDpU9dbj6ez1V--