Delete key from keyserver
hawke at hawkesnest.net
Thu Oct 27 20:10:35 CEST 2005
David Shaw wrote:
> You always have the option to not sign, of course. But you don't get
> to tell the keyholder what information he puts in his user ID string.
> You don't create that, and it must be signed completely or not signed
> at all.
Of course it is not possible to tell the key holder what information
they type in.
My original statement was that it would be better for GnuPG to not
discourage split UIDs, and that there is no reason to be signing two
pieces of data (real name and email) with one signature.
Else, why not include the photo in there as well, so you have to sign
"Real Name (Comment) <email address> [photo]", and each key has to
include the photo /n/ times. After all, why should the signer get to
decide to sign only the name and email, and not the photo!?
If it's somehow more secure to combine name and email into one string,
then why doesn't that argument apply to photo UIDs as well? (I realize
that there are technical reasons for treating the photo as a separate
ID, since it's a distinct data type. But the security implications are
Bad - You get pulled over for doing 90 in a school zone and you're drunk
off your ass again at three in the afternoon.
Worse - The cop is drunk too, and he's a mean drunk.
FUCK! - A mean drunk that's actually a swarm of semi-sentient
OpenPGP key id: 0x51192FF2 @ subkeys.pgp.net
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 382 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20051027/db0ad33d/signature.pgp
More information about the Gnupg-users