Subkey revocation means losing signatures?
David Shaw
dshaw at jabberwocky.com
Wed Oct 19 14:39:57 CEST 2005
On Wed, Oct 19, 2005 at 02:30:31PM +0200, Realos wrote:
> hi,
>
> >
> >yes adding a new one and revoking the old one. The original question was about modifyuing the uid.
>
> I think I got the point. Deleting a UID results in loss of signatures
> while revkong a UID doesn't if it signs the new UID prior to being deleted.
No. Deleting a UID results in loss of signatures on that UID
(deleting a UID actually removes the signatures completely so they're
really lost). Revoking a UID also results in loss of signatures on
that UID. They're not deleted, but they are ignored from then on.
Signing a UID with another UID is not a meaningful statement. UIDs
don't sign.
> What about creating an empty uid, i.e. without any email address and
> requesting people to sign that uid in addition to respective UIDs with
> email address?
Some people do this, and it can be useful in certain places (signing
keys), but it does not resolve the "this key is untrusted - use it
anyway?" question unless people select the key using the empty UID.
David
More information about the Gnupg-users
mailing list