key-signing for pseudonyms

Thomas Sjögren thomas at northernsecurity.net
Tue May 18 20:56:30 CEST 2004


On Tue, May 18, 2004 at 06:37:28PM +0200, Malte Gell wrote:
> Gpg already has the needed features to do something like this, though 
> probably violating some principles.
> 
> You locally sign someone's key and force the export with --export-option 
> include-local-sigs and the other person uses allow-local-sigs to import 
> this local signature (see manpage). This way you can have your key 
> signed without "spreading" the signatures unintentionally e.g. to 
> keyservers. 
> 
> Of course it's not totally bulletproof since the recipient of such a 
> signature can always enforce the export if he really wants to do so. 
> How far this procedure is useful at all may is something different., it 
> makes only sense for a closed group of people.

Not really what i meant. I was thinking more of a signature only the
holder of the secret key is able to decrypt.

/Thomas
-- 
== thomas at northernsecurity.net | thomas at se.linux.org
== Encrypted e-mails preferred | GPG KeyID: 114AA85C
--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 481 bytes
Desc: Digital signature
Url : /pipermail/attachments/20040518/0ec63965/attachment-0001.bin


More information about the Gnupg-users mailing list