How trust works in gpg...
David Shaw
dshaw at jabberwocky.com
Tue Apr 15 22:41:21 CEST 2008
On Tue, Apr 15, 2008 at 09:36:04PM +0200, Herbert Furting wrote:
> On Tue, 2008-04-15 at 14:09 -0400, David Shaw wrote:
> > On Tue, Apr 15, 2008 at 03:10:47PM +0200, Herbert Furting wrote:
> > > To say it short: In my opinion every information that you sign/certify
> > > should be actually validaded.
> > > It probably makes even sense to check if a keyholder specified all of
> > > his given names,... and perhaps one shouldn't sign UIDs like "Geroge
> > > W. Bush" if the W. is an abbreviation, while "Harry S Truman" would be
> > > ok,.. as the S wasn't an abbreviation (iirc).
> >
> > Not at all (though it is true that the S in Harry Truman's name isn't
> > an abbreviation).
> >
> > When you sign a UID, you're signing what is there, and not making any
> > statement beyond what is there. You don't need to insist they spell
> > out all of their names.
> Well I think it's generally better to always use only full names,...
> that helps to prevent collisions like if my name would be "David
> Something Shaw". Of course I say that it only helps,.. it doesn't fully
> solve this.
It is irrelevant to this. There are a lot of "David Shaw"s in the
world, and it's pointless to try and prevent collisions in a set that
large. The disambiguation in OpenPGP keys is really the email
address, not the name.
David
More information about the Gnupg-users
mailing list