Signatures stored as information inside a "public key"/certificate?

Morton D. Trace classpath at
Fri Jun 13 17:35:36 CEST 2008

Hash: SHA1

bezna wrote:
> Hello,

> Which is correct? 

Are signatures an inherent part of the key

or are they
> stored extrinsically?
> George

i would put it this way,

when I run gpg  in command line mode I create  a user ID and a secret
key + a public key.

that is assigned my  real name and  armored,

Then I meet up at the keysigning party and they all verify it,

later I think i can append other email addresses to the same
private key,  I don't know if i can assign a fake private name like

Lordbyte Whirlfield or Dick Tracey or whatever,
as long as you don't take the identity from someone else, your digital
name can be whatever.

but for privacy and spam and prevention of identity theft
I hope that can be possible.

Some people prefer not to put that on a keyserver,
simply for preventing spam, and fraud.

But I am only familiar to gnuPG,  what is the case for a root
certificate or exactly how that can be revoked I don't know.

signatures are an inherent part of a key, but you can anytime create new

for any key you can assign a new artificial name.

This is only my limited understanding of this,
please correct me if I'm wrong.

Version: GnuPG v1.4.8 (SunOS)
Comment: Using GnuPG with Mozilla -


More information about the Gnupg-users mailing list