notation data & policy URL

Atom 'Smasher' atom-gpg at suspicious.org
Sat Apr 10 09:15:33 CEST 2004 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> > > > also, can a policy url and/or notation data be included in a self
> > > > signature?
> > >
> > > Sure, why not?  Self-signatures are signatures too.
> > =======================
> >
> > how would one do that?
>
> Same way one would do it for a non self-signature.  cert-policy-url or
> cert-notation.
================================

it took me a while to figure it out using existing keys... if all else
fails, use --expert.

however, this seems strange... if i generate a key like this:
    gpg --cert-policy 'http://test-policy' --cert-notation 'A at B=test notation' --gen-key

it places the notation and URL on both the signing key and the encryption
sub-key:
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
$ gpg --list-key --show-policy --show-notation 2A42B922
pub  1024D/2A42B922 2004-04-10 testing <testing at abc.xyz>
sig 3   PN  2A42B922 2004-04-10   testing <testing at abc.xyz>
   Signature policy: http://test-policy
   Signature notation: A at B=test notation
sub  1024g/5A5D67E7 2004-04-10
sig     PN  2A42B922 2004-04-10   testing <testing at abc.xyz>
   Signature policy: http://test-policy
   Signature notation: A at B=test notation
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

while i do understand the logic (they ~are~ both certification
signatures), it seems redundant... shouldn't it be sufficient to only add
those packets to the signing key?


	...atom

 _________________________________________
 PGP key - http://atom.smasher.org/pgp.txt
 3EBE 2810 30AE 601D 54B2 4A90 9C28 0BBF 3D7D 41E3
 -------------------------------------------------

	"Thoughtcrime was not a thing that could be concealed forever.
	 You might dodge successfully for a while, even for years, but
	 sooner or later they were bound to get you."
		-- George Orwell, "1984"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)
Comment: What is this gibberish?  -  http://atom.smasher.org/links/#digital_signatures

iD8DBQFAd58anCgLvz19QeMRAkMpAKCYvNVMxa+OFC4e5Y+pI3m6tnFUKwCeNvjp
KF1HqSxRts0nShAoLd/H0aY=
=lgY9
-----END PGP SIGNATURE-----

More information about the Gnupg-users mailing list