How trust works in gpg...
dshaw at jabberwocky.com
Tue Apr 15 20:09:02 CEST 2008
On Tue, Apr 15, 2008 at 03:10:47PM +0200, Herbert Furting wrote:
> To say it short: In my opinion every information that you sign/certify
> should be actually validaded.
> It probably makes even sense to check if a keyholder specified all of
> his given names,... and perhaps one shouldn't sign UIDs like "Geroge
> W. Bush" if the W. is an abbreviation, while "Harry S Truman" would be
> ok,.. as the S wasn't an abbreviation (iirc).
Not at all (though it is true that the S in Harry Truman's name isn't
When you sign a UID, you're signing what is there, and not making any
statement beyond what is there. You don't need to insist they spell
out all of their names.
More information about the Gnupg-users