How trust works in gpg...

David Shaw dshaw at jabberwocky.com
Tue Apr 15 20:09:02 CEST 2008


On Tue, Apr 15, 2008 at 03:10:47PM +0200, Herbert Furting wrote:
> To say it short: In my opinion every information that you sign/certify
> should be actually validaded.
> It probably makes even sense to check if a keyholder specified all of
> his given names,... and perhaps one shouldn't sign UIDs like "Geroge
> W. Bush" if the W. is an abbreviation, while "Harry S Truman" would be
> ok,.. as the S wasn't an abbreviation (iirc).

Not at all (though it is true that the S in Harry Truman's name isn't
an abbreviation).

When you sign a UID, you're signing what is there, and not making any
statement beyond what is there.  You don't need to insist they spell
out all of their names.

David



More information about the Gnupg-users mailing list