Keysigning challenge policies/procedures

David Shaw dshaw at
Fri Jul 7 23:23:37 CEST 2006

On Fri, Jul 07, 2006 at 07:22:40PM +0200, Mark Kirchner wrote:
> On Friday, July 7, 2006, 11:19:47 AM, Marcus wrote:
> > * Todd Zullinger <tmz at> wrote:
> >
> >> What I don't see in any of the links is more information about sending
> >> an email challenge before signing a key.  (My apologies if I'm
> >> overlooking it on your page or any of the others.)
> >
> > Before I used a protocol to signing keys where I sent out random strings
> > as challenge response but it's not worth. There is no enhanced security
> > and only more work for "signer" and "signee". If you send the signed UIDs
> > encrypted to each mail address separately it has the same effect in
> > security
> I don't think that's true: Decryption is (usually) handled by the
> encryption subkey and there's absolutely no guarantee that this subkey
> is controlled by the same person as the primary/signing key. There may
> even be valid reasons to split the two "roles".
> Since UIDs are attached to the primary key and the primary key is the
> only one that can modify UIDs (and signing a key is all about UIDs)
> this system can't prove what it's supposed to prove: The link between
> the UID (better: the e-mail-address in it) and the person in control
> of it.

This is exactly correct.  The "identity" (for lack of a better word)
is the primary+UID.  Since that is what you are signing when you sign
someone's key, that is what you should be verifying before you make
the signature.


More information about the Gnupg-users mailing list