Question regarding user identification withing the keyrring
Werner Koch
wk at gnupg.org
Sun Feb 13 17:24:59 CET 2005
On Sat, 12 Feb 2005 21:04:24 -0300, Federico Tello Gentile said:
> Does the signed message provide the signer's public key along with its
> name and email? Does the system look for the email and name in the
No, you need to get the public key from elsewhere (usually a
keyserver). The key for signature verification is looked up by the keyid.
> I have to decide what information would I use for matching a signed
> document with a user's certificate, should I use the public key or the
> email?
Use the fingerprint
> I know X.509 certificates have a unique Id per certificate issued,
> but
Which is not always unique as some CA issues new certificates using
the same serial number.
Shalom-Salam,
Werner
More information about the Gnupg-users
mailing list