Signatures stored as information inside a "public key"/certificate?

Morton D. Trace classpath at arcor.de
Fri Jun 13 17:35:36 CEST 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

bezna wrote:
> Hello,

> 
> Which is correct? 

Are signatures an inherent part of the key

or are they
> stored extrinsically?
> 
> 
> George


i would put it this way,

when I run gpg  in command line mode I create  a user ID and a secret
key + a public key.

that is assigned my  real name and  armored,

Then I meet up at the keysigning party and they all verify it,

later I think i can append other email addresses to the same
private key,  I don't know if i can assign a fake private name like

Lordbyte Whirlfield or Dick Tracey or whatever,
as long as you don't take the identity from someone else, your digital
name can be whatever.

but for privacy and spam and prevention of identity theft
I hope that can be possible.

Some people prefer not to put that on a keyserver,
simply for preventing spam, and fraud.


But I am only familiar to gnuPG,  what is the case for a root
certificate or exactly how that can be revoked I don't know.


http://www.gnupg.org/gph/en/manual.html


http://www.gnupg.org/gph/en/manual.html#CONCEPTS


signatures are an inherent part of a key, but you can anytime create new
keypairs,

for any key you can assign a new artificial name.


This is only my limited understanding of this,
please correct me if I'm wrong.



Morten
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (SunOS)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkhSk8gACgkQ9ymv2YGAKVTKAQCeMB17XYXPxp5O4EkW4sl2U1nO
IwcAn3GcCIDin8BaDHoOcs5Zw4khj6Wq
=+WJ3
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list