Signing Keys w/ Multiple User IDs

David Shaw dshaw@jabberwocky.com
Tue Jul 30 15:07:01 2002


On Tue, Jul 30, 2002 at 10:41:29AM +0200, Adrian 'Dagurashibanipal' von Bidder wrote:
> On Tue, 2002-07-30 at 04:24, David Shaw wrote:
> 
> [which uid to sign?]
> 
> > In the specific case you mention (a key used to verify a software
> > package), it does not matter.  This is because in this case, the key
> > is located by its key ID and not a particular user ID.  Signing one or
> > all of the user IDs will have the same function of trusting the key.
> 
> Summarized (please correct me if I'm wrong):
> 
> If you're encrypting, key lookup is per userid, so it matters which uid
> you signed.
> If you're verifying signatures, key lookup is per keyid, because the
> signature does not store any 'signer' userid.

Correct.  There is actually a way in the OpenPGP spec of indicating
which user ID within a key did the signing, but this is generally not
used.

> I've had a lengthy discussion about what a userid - and a signature on a
> userid - exactly means (especially because userid is really limited to
> e-mail [1]) and would be interested to know if the trust model will get
> some reworking in the future (g10 Code lists reworking the trust model
> on their TODO list...)

A user ID is just a blob of bytes that indicates something about the
owner of the key.  This blob can be a text string, a photo, or
whatever you like.  A signature on a user ID means, in effect, "I
believe this user ID matches a human being that controls this key".

I'm not sure if this is what Werner was referring to in the TODO list,
but there is also the notion of a "trust signature", which is somewhat
different from the above trust model, and is based on "Modelling a
Public-Key Infrastructure" by Ueli Maurer
(ftp://ftp.inf.ethz.ch/pub/crypto/publications/Maurer96b.pdf).  I
actually have a GnuPG implementation of this working, but it is too
experimental for the 1.2 release.  Trust signatures are interesting as
they let you make statements like "I trust Alice completely, but only
when she is signing keys in the example.com domain".  This sort of
thing is useful in the corporate world, where the Big Boss can
delegate key signing responsibility to others with this method.

David

-- 
   David Shaw  |  dshaw@jabberwocky.com  |  WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson
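The point in David's reply above, that a signature carries the issuer's key ID and only optionally a "Signer's User ID" subpacket, as an added example that is not code from this thread or from GnuPG: a minimal parser that pulls the Issuer (type 16) and Signer's User ID (type 28) subpackets out of a constructed v4 signature packet. It assumes the old-format, one-octet header and subpacket-length forms; the key ID, timestamp and MPI in the sample are constructed dummy values.

```python
# Inspect the subpackets of an OpenPGP v4 signature packet (RFC 4880 5.2.3).
# Assumed layout (not code from this thread): old-format tag 2 header with a
# one-octet length, v4 body, subpacket lengths of one or two octets.
import struct

CREATION_TIME, ISSUER, SIGNER_UID = 2, 16, 28  # subpacket type numbers

def parse_subpackets(buf: bytes) -> list:
    """Split a subpacket area into (type, body) pairs."""
    out, i = [], 0
    while i < len(buf):
        if buf[i] < 192:
            length, i = buf[i], i + 1
        else:  # two-octet length (192..16319); 5-octet form not handled
            length, i = ((buf[i] - 192) << 8) + buf[i + 1] + 192, i + 2
        out.append((buf[i] & 0x7F, buf[i + 1:i + length]))  # drop critical bit
        i += length
    return out

def inspect_signature(packet: bytes) -> dict:
    """Return the issuer key ID and the optional signer user ID."""
    if packet[0] != 0x88 or packet[2] != 4:
        raise ValueError("expected old-format tag 2, 1-octet length, v4 body")
    body = packet[2:2 + packet[1]]
    hashed_len = struct.unpack(">H", body[4:6])[0]
    subs = parse_subpackets(body[6:6 + hashed_len])
    pos = 6 + hashed_len
    unhashed_len = struct.unpack(">H", body[pos:pos + 2])[0]
    subs += parse_subpackets(body[pos + 2:pos + 2 + unhashed_len])
    found = dict(subs)  # later (unhashed) entries override earlier ones
    return {
        "issuer_keyid": found[ISSUER].hex().upper() if ISSUER in found else None,
        "signer_uid": found[SIGNER_UID].decode() if SIGNER_UID in found else None,
    }

def subpacket(sub_type: int, body: bytes) -> bytes:
    return bytes([len(body) + 1, sub_type]) + body  # one-octet length form

def build_sample(signer_uid: bytes = b"") -> bytes:
    """Constructed, structurally valid v4 RSA/SHA-1 signature packet; the key
    ID, timestamp, hash prefix and MPI are dummies, so it verifies nothing."""
    hashed = subpacket(CREATION_TIME, struct.pack(">I", 1028041621))
    if signer_uid:
        hashed += subpacket(SIGNER_UID, signer_uid)  # the rarely used type 28
    unhashed = subpacket(ISSUER, bytes.fromhex("0011223344556677"))
    body = (bytes([4, 0x00, 1, 2]) + struct.pack(">H", len(hashed)) + hashed
            + struct.pack(">H", len(unhashed)) + unhashed
            + b"\xab\xcd" + b"\x00\x10\x12\x34")
    return bytes([0x88, len(body)]) + body
```

Running `inspect_signature(build_sample())` shows only the key ID, which is why a verifier looks the key up by key ID; passing `build_sample(b"alice@example.com")` adds the type 28 subpacket that GnuPG generally does not emit.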