Question regarding user identification withing the keyrring

Werner Koch wk at
Sun Feb 13 17:24:59 CET 2005

On Sat, 12 Feb 2005 21:04:24 -0300, Federico Tello Gentile said:

> Does the signed message provide the signer's public key along with its
> name and email? Does the system look for the email and name in the

No, you need to get the public key from elsewhere (usually a
keyserver).  The key for signature verification is looked up by the keyid.

> I have to decide what information would I use for matching a signed
> document with a user's certificate, should I use the public key or the
> email?

Use the fingerprint

> I know X.509 certificates have a unique Id per certificate issued,
> but

Which is not always unique as some CA issues new certificates using
the same serial number.



More information about the Gnupg-users mailing list