can`t verify signature
David Shaw
dshaw@jabberwocky.com
Sat Jul 26 21:27:19 2003
--nFreZHaLTZJo0R7j
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Fri, Jul 25, 2003 at 06:30:29PM +0100, Neil Williams wrote:
> On Friday 25 Jul 2003 5:44 pm, Adrian 'Dagurashibanipal' von Bidder wrote:
> > Well, this is OT, but I found it while searching for John Aldrich's key=
=2E..
> >
> > 8D5E4057 shows a very ... errrm ... interesting mode of use for PGP - w=
ould
> > you sign this key????
>=20
> Absolutely not. Who are you verifying?
You are verifying the user ID. There is nothing wrong with such a
key. It is a perfectly valid (though uncommon) thing to do.
Remember that "signing a key", is really signing a user ID. You would
have to sign each of these user IDs individually, and if you believe
that each of those user IDs honestly reach the owner of the key, then
you are quite correct in signing them. At the same time, if you
believe only one of the user IDs is valid, you can sign that one which
does not give any validity to the others.
David
--nFreZHaLTZJo0R7j
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.3-cvs (GNU/Linux)
Comment: Key available at http://www.jabberwocky.com/david/keys.asc
iHEEARECADEFAj8i0NIqGGh0dHA6Ly93d3cuamFiYmVyd29ja3kuY29tL2Rhdmlk
L2tleXMuYXNjAAoJEOJmXIdJ4cvJdykAnR8DO75Tg33VNIktRT7LyZsRHQf4AJ4/
1X8yRJufp2wlXb1x6j2ifFzWuw==
=pvgH
-----END PGP SIGNATURE-----
--nFreZHaLTZJo0R7j--