Signature type question

laurent Alacoque laurent.alacoque@bigfoot.com
Tue Jun 26 11:33:01 2001


Hi list.

Carefully reading RFC 2440, I found out that there were several
key signature types ranging from
0x11 (hex): I have not made any verification of this person's ID,
to 0x13: I have done substantial verification of this person's claim of
identity (I checked his passport and key FPR).

There's also the 0x10 "Generic certification" which "does not make any
particular assertion of how well the certifier has checked that the owner
of the key is in fact the person described by the user ID".
The RFC also says:
"Note that all PGP 'key signatures' are this type of certification".

Questions:
- What's the point of a signature that does not make any particular
assertion? Why use it if not only for my own keyring? If so, why should I
export these 0x10 signatures to a public keyserver? I must have missed
something.

- I guess 0x11 to 0x13 signature types are used to sign keys too.
(If not, what else?) If so, how can I sign someone's key with a given trust
level of his real identity? i.e. how can I sign with sig type 0x13 someone
I personally know?

Thanks for your time.

References:
RFC 2440 bis:
http://www.ietf.org/internet-drafts/draft-ietf-openpgp-rfc2440bis-02.txt
(par 5.2.1. Signature Types)

--
laureck
KFPR: 6A32 18F7 E8A4 EC10 5136  9A24 8221 3736 [EAD4 A9AC]
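
Added example, not part of the original post: a small Python reader that walks OpenPGP packets and reports the signature type octet (0x10 to 0x13) of each signature packet, which is how one can see what certification level the signatures on a key actually carry. The function names and the SAMPLE bytes are constructed for illustration; the sample packets are truncated after their leading fields and are not valid signatures.

```python
# Added example: list the certification level of each signature packet (tag 2).
CERT_TYPES = {0x10: "Generic certification", 0x11: "Persona certification",
              0x12: "Casual certification", 0x13: "Positive certification"}

def packets(data):
    """Yield (tag, body) per packet; partial/indeterminate lengths are rejected."""
    i = 0
    while i < len(data):
        hdr = data[i]
        i += 1
        if not hdr & 0x80:
            raise ValueError("bit 7 clear: not an OpenPGP packet header")
        try:
            if hdr & 0x40:                      # new-format header
                tag, first = hdr & 0x3F, data[i]
                if first < 192:
                    length, i = first, i + 1
                elif first < 224:
                    length, i = ((first - 192) << 8) + data[i + 1] + 192, i + 2
                elif first == 255:
                    length, i = int.from_bytes(data[i + 1:i + 5], "big"), i + 5
                else:
                    raise ValueError("partial body lengths not supported")
            else:                               # old-format header
                tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
                if ltype == 3:
                    raise ValueError("indeterminate length not supported")
                n = 1 << ltype
                length, i = int.from_bytes(data[i:i + n], "big"), i + n
        except IndexError:
            raise ValueError("truncated packet header") from None
        if i + length > len(data):
            raise ValueError("truncated packet body")
        yield tag, data[i:i + length]
        i += length

def certification_levels(data):
    """Return (type octet, name) for every v2/v3/v4 signature packet."""
    found = []
    for tag, body in packets(data):
        # Type octet position: v2/v3 = version, 0x05, type; v4 = version, type.
        offset = {2: 2, 3: 2, 4: 1}.get(body[0]) if len(body) >= 3 else None
        if tag == 2 and offset is not None:
            t = body[offset]
            found.append((t, CERT_TYPES.get(t, "not a key certification")))
    return found

# Constructed sample: a user ID packet, a v4 0x13 signature, a v3 0x10 signature.
SAMPLE = bytes.fromhex("b403616263" "8806041311020000" "c203030510")
```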