Delete key from keyserver
David Shaw
dshaw at jabberwocky.com
Wed Oct 26 01:39:51 CEST 2005
On Tue, Oct 25, 2005 at 06:22:10PM -0500, Alex Mauer wrote:
> David Shaw wrote:
> > On Mon, Oct 24, 2005 at 04:21:32PM -0500, Alex Mauer wrote:
> >
> >
> > I don't agree with this. The user ID system in all OpenPGP products
> > gives a regular UTF-8 string. Signatures simply bind that string to
> > the primary key. The system says exactly "Alex Mauer belongs with key
> > 0x51192ff2" and "hawke at hawkesnest.net belongs with key 0x51192ff2".
> > You cannot sign a user ID without binding it to a key.
>
> When the string "Alex Mauer <hawke at hawkesnest.net>" is bound to
> 0x51192ff2, there's also an association made between the two parts of
> the string. The system does /not/ say "Alex Mauer belongs with key
> 0x51192ff2" and "hawke at hawkesnest.net belongs with key 0x51192ff2". It
> says "Alex Mauer and email hawke at hawkesnest.net belong with 0x51192ff2"
> as one statement. It's a subtle, but important, distinction.
>
> I should be able to affirm that hawke at hawkesnest.net uses 0x51192ff2
> without being forced to also affirm that "Alex Mauer" uses 0x51192ff2,
> or vice versa.
>
> Obviously, with these examples I'm happy to affirm both, since hey ..
> it's me. But [hopefully] you get my point.

Some people (myself included) check both before signing. The name via
some sort of formal ID, and the email via a mail challenge.

Still, if you don't want to bind both tokens together, just create a
user ID of <hawke at hawkesnest.net> without the name attached or a user
ID of "Alex Mauer" without the email address attached. Some people
will not sign such a user ID though, and at least the name-only one is
of questionable usefulness in practice.

David

More information about the Gnupg-users mailing list