export single UID of a key
Douglas F. Calvert
Tue Apr 8 08:24:01 2003
On Mon, 2003-04-07 at 22:11, Michael Nahrath wrote:
> Do this for every UID in a key seperately.
> Do _not_ keep these signatures in your normal keyring.
> If the key owner uploads the signatures to the keyservers he prooves that
> he owns the secret key. You get your signature back via '--refresh-keys'.
He really only proves that he has the secret key on his disk and that he
brute forced the password to the key. For most purposes this seems
reasonable. However if you rely on an encrypted challenge and then sign
the key you could improve it a little more by having a time limit. Three
or four days does not seem like enough time to brute force a reasonable
passphrase (~10 characters). But this is all napkin math...
Douglas F. Calvert <email@example.com>