IDs, signatures and all that stuff

Mark Brown broonie@sirena.org.uk
Mon Mar 11 18:30:01 2002


--xaMk4Io5JJdpkLEb
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Mar 11, 2002 at 05:04:30PM +0100, Martin Christensen wrote:

> >>>>> "Janusz" =3D=3D Janusz A Urbanowicz <alex@bofh.torun.pl> writes:

> Janusz> I believe that you miss teh fact that key trust is calculated
> Janusz> on per-key and not on per-user ID basis.

> Wouldn't that mean that I could create ad hoc bogus IDs for causing
> general mayhem?

Not really.  The trust he's talking about is not for your IDs, it's for
trusting your signatures on other people's keys.  If you've got two IDs
on your key, one very widely signed and one not signed except by
yourself your signature on other people's keys will still come into play
on the web of trust even though your second ID might not be verifiable.

--=20
"You grabbed my hand and we fell into it, like a daydream - or a fever."

--xaMk4Io5JJdpkLEb
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8jOknJ2Vo11xhU60RArtVAJ90eDDUb17Ftce/Cu2nUO3WE9bdJgCg8F/4
hyh/v5jhNOVFKBy8IopxFTI=
=AxVz
-----END PGP SIGNATURE-----

--xaMk4Io5JJdpkLEb--