using a key without self-signature
Len Sassaman
rabbi@quickie.net
Thu May 16 00:38:02 2002
On Wed, 15 May 2002, David Shaw wrote:
> On Wed, May 15, 2002 at 11:56:15PM +0200, Gregor Zattler wrote:
> > Dear gnupg-users,
> >
> > i want to use a pub key which is has no self-signature. I know I
> > can do this using the --allow-non-selfsigned-uid option. But i
> > want to use this key on an regular basis and search for a way
> > without this option.
> >
> > Is there a way to --edit the key so I can use it?
>
> No. If it doesn't have a self-sig, and you don't want to use the
> --allow-non-selfsigned-uid option, then there is nothing you can do,
> aside from asking the key owner to sign it.
>
> Why don't you want to use allow-non-selfsigned-uid ?
One may wish to generally not use un-selfsigned uids, but may wish to
specifically use certain keys which do not have a self-signature. Rather
than have to remember to type out allow-non-selfsigned-uid every single
time (which may not even be possible, if you are using a mail filter or
other wrapper), it would be nice to indicate that the key is acceptable in
some sort of semi-permanent fashion.
May I suggest that if a uid is signed (or lsigned) by an ultimately
trusted key, and there is no uid revocation, that it should be usable
without the allow-non-selfsigned-uid flag?