Keysigning challenge policies/procedures

Mark Kirchner mail at
Fri Jul 7 19:22:40 CEST 2006

On Friday, July 7, 2006, 11:19:47 AM, Marcus wrote:
> * Todd Zullinger <tmz at> wrote:
>> What I don't see in any of the links is more information about sending
>> an email challenge before signing a key.  (My apologies if I'm
>> overlooking it on your page or any of the others.)
> Before I used a protocol to signing keys where I sent out random strings
> as challenge response but it's not worth. There is no enhanced security
> and only more work for "signer" and "signee". If you send the signed UIDs
> encrypted to each mail address separately it has the same effect in
> security

I don't think that's true: Decryption is (usually) handled by the
encryption subkey and there's absolutely no guarantee that this subkey
is controlled by the same person as the primary/signing key. There may
even be valid reasons to split the two "roles".

Since UIDs are attached to the primary key and the primary key is the
only one that can modify UIDs (and signing a key is all about UIDs)
this system can't prove what it's supposed to prove: The link between
the UID (better: the e-mail-address in it) and the person in control
of it.

Mark Kirchner

Key (0x172C073C):
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 183 bytes
Desc: not available
Url : /pipermail/attachments/20060707/b501c07e/attachment.pgp

More information about the Gnupg-users mailing list