1.4.3 // proper syntax for --edit-key cross-certify ?

John W. Moore III johnmoore3rd at joimail.com
Thu Apr 6 01:13:06 CEST 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Charly Avital wrote:

> But when I Quit, I am prompted to save changes:
> --------------
> Command> quit
> Save changes? (y/N) n
> Quit without saving? (y/N) y
> --------------
> 
> I have chosen to quit without saving any changes, because the truth is I
> do not fully understand what the change is, and what it would do to my
> key and/or to my signing subkey.

Knee-jerk response is to say "It does Nothing to you Key/sub-Key" but
that is not /exactly/ true.  What occurs is that your Key & sub-Key are
inextricably linked.  This is prevent a very remote & arcane possibility
of your signing sub_key being hijacked.

Real World effect.....with 'require-cross-certification' active in my
gpg.conf File your message Opened with a yellow stripe across the top of
my Enigmail Screen and a 'Red' Pen in the lower right corner.  Clicking
on the pen gives me a verbose text indicating that you have *not* back
signed the sub-Key.  When I comment out the gpg.conf entry I Open the
message to the familiar Green Line indicating 'Good Signature from
Trusted Key'.

Had you chosen to 'save' the changes it would have appeared Green when I
first Opened this Post.  My suggestion would be to go ahead and 'save'
the changes and rest comfortably that it will have no negative effect
whatsoever.

Others will surely disagree with me and should appear here shortly.

JOHN ;)
Timestamp: Wednesday 05 Apr 2006, 19:11  --400 (Eastern Daylight Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4-4092cvs: (MingW32)
Comment: Public Key at:  http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust (US26): http://www.gswot.org
Comment: Homepage:  http://tinyurl.com/9ubue
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQEcBAEBCAAGBQJENE7sAAoJEBCGy9eAtCsPFZEH/j0T49h7lh3ugrZE2WN3KB3S
cQre6aVgJ0ectjc1aam0nfu2oZJMMbrvFbpgrKHsUYZF/BBEtyvRIZ8ABwK8Wqo8
BO+JVu4egZQ4mxHOR3X/LDc956kuCOq5/DOj0oTc07dTb5OToLL/bi1GTKXx9WWn
LMgKLnU18RYCuCoJie/t9zyz/XmepQDQ5/6Lb6sjKfyQsylC+KWbIeASSjxJuphn
jQZJOvQpEZ/wA3MVByuK4oibWlLJIECldRH7uB+inD+nNpdW1hHklb721hQnAcH0
C06qsXhbDjnLmm6zeqLyWGNtCB03+0mAeulaXkwzRV5POKd+bEAUURVFm0JGFr8=
=Uz8J
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list