newbie question about identities

Neil Williams
Fri Oct 3 21:12:02 CEST 2003

Content-Type: text/plain;
Content-Transfer-Encoding: quoted-printable
Content-Description: signed data
Content-Disposition: inline

On Friday 03 Oct 2003 10:14 am, Stewart V. Wright wrote:
> --fingerprint' remains constant, but you can change ids.  Take my key
> for example.  I have 4 different ids and at least 2 of them will not

Which makes 0xb3334559 difficult to retrieve sometimes. It took a little=20
searching before I could find it to verify a signature declared initially a=
0x35DB7472 which is a subkey.
and then searching for 35DB7472.

It would be handy if you mentioned the public keyid 0xb3334559 in your=20
signature line in all signed emails - hkp:// keyservers don't contain the U=
that matches your current signature but at least it gives readers a headsta=
on finding your key. Better still would be a simple page on a website=20
mentioned in a sig or GnuPG comment allowing the full key to be downloaded =
ascii armour.
(Mine's on the site but it's a plain key and doesn't have an=
features that cause problems on hkp:// keyservers so I wouldn't think the=20
page is needed much.)

There's no string specifying a location in the GnuPG signature comment, the=
subkey ID is not on hkp:// keyservers and your email address isn't found on=
=20 keyserver either (which tends to be able to cope with keys=
that get corrupted/ignored by other keyservers). sks does have the key, but=
searching by name is always my least favourite option - there are so many=20
matches usually that it takes time to find out if you've got the right one.

> Also, there are umpteen keys on the key servers with my name (id)
> attached to them (really should have learnt about revoking all those
> years ago!) but only two are valid at the moment.

Some appear to be revoked but none match the signing subkeyID of this messa=


Neil Williams

Content-Type: application/pgp-signature
Content-Description: signature

Version: GnuPG v1.2.1 (GNU/Linux)



More information about the Gnupg-users mailing list