IDs, signatures and all that stuff

Mark Brown
Mon Mar 11 18:30:01 2002

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Mar 11, 2002 at 05:04:30PM +0100, Martin Christensen wrote:

> >>>>> "Janusz" =3D=3D Janusz A Urbanowicz <> writes:

> Janusz> I believe that you miss teh fact that key trust is calculated
> Janusz> on per-key and not on per-user ID basis.

> Wouldn't that mean that I could create ad hoc bogus IDs for causing
> general mayhem?

Not really.  The trust he's talking about is not for your IDs, it's for
trusting your signatures on other people's keys.  If you've got two IDs
on your key, one very widely signed and one not signed except by
yourself your signature on other people's keys will still come into play
on the web of trust even though your second ID might not be verifiable.

"You grabbed my hand and we fell into it, like a daydream - or a fever."

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see