Key propagation

David Shaw dshaw at
Wed Jun 24 16:32:40 CEST 2009

On Jun 24, 2009, at 12:21 AM, Daniel Kahn Gillmor wrote:

> On 06/23/2009 10:53 PM, David Shaw wrote:
>> Unfortunately, local signatures do not work that way.  Each
>> implementation strips local signatures both on export and on import
>> (just in case someone leaked one on export).  They just don't have
>> anything to do with exporting keys.
> Right, but a key with no valid self-sigs won't be imported either,
> right?  If all self-sigs were marked non-exportable, wouldn't that limit
> the import (if not export) of the key itself?

A non-exportable self-sig would not be exported by the owner unless  
they manually forced it to export.  Similarly, those self-sigs would  
not be imported by anyone else unless they manually forced it to  
import.  Similarly again, those self-sigs would not be re-exported  
unless they were manually forced to export.  And so on.

To say nothing of the fact that even if you did this, it just removes  
the self-sigs, and a key is not required to have self-sigs to work!   
The trust calculations will kick it out as invalid, but again, the  
sender can ask for it to be used anyway.

It boils down to a very complicated way to say the same thing I said  
before: "You can ask those people, nicely, to not give your key out to  
anyone, but that's about it."
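
Added example, not part of the original message and not GnuPG's code: a sketch of the export/import filtering described above, keyed on the Exportable Certification subpacket (type 4) defined in RFC 4880. The function names, the `force` parameter and the sample subpacket bytes are constructed for illustration.

```python
# Added illustration, not GnuPG's code. Subpacket layout per RFC 4880, 5.2.3.1.
EXPORTABLE_CERTIFICATION = 4  # 1-octet body: 0 = local (non-exportable), 1 = exportable

def parse_subpackets(area: bytes):
    """Yield (type, critical, body) for each subpacket in a v4 subpacket area."""
    i = 0
    while i < len(area):
        first = area[i]
        if first < 192:                       # one-octet length
            length, i = first, i + 1
        elif first < 255:                     # two-octet length
            if i + 2 > len(area):
                raise ValueError("truncated subpacket length")
            length, i = ((first - 192) << 8) + area[i + 1] + 192, i + 2
        else:                                 # five-octet length
            if i + 5 > len(area):
                raise ValueError("truncated subpacket length")
            length, i = int.from_bytes(area[i + 1:i + 5], "big"), i + 5
        if length < 1 or i + length > len(area):
            raise ValueError("truncated subpacket")
        # The length counts the type octet; the top bit of the type is "critical".
        yield area[i] & 0x7F, bool(area[i] & 0x80), area[i + 1:i + length]
        i += length

def is_exportable(hashed_area: bytes) -> bool:
    """A signature is exportable unless it carries subpacket 4 with value 0."""
    for sp_type, _critical, body in parse_subpackets(hashed_area):
        if sp_type == EXPORTABLE_CERTIFICATION:
            # A malformed body is treated as local, the conservative choice.
            return len(body) == 1 and body[0] == 1
    return True  # subpacket absent: exportable by default

def filter_signatures(hashed_areas, force=False):
    """Strip local signatures on export or import unless the user forces them."""
    return [a for a in hashed_areas if force or is_exportable(a)]

# Constructed sample hashed areas: a creation-time subpacket (type 2), with and
# without an Exportable Certification subpacket set to 0.
NORMAL_SIG = bytes([5, 2, 0x4A, 0x41, 0x8C, 0x00])
LOCAL_SIG = NORMAL_SIG + bytes([2, 4, 0])

if __name__ == "__main__":
    print(len(filter_signatures([LOCAL_SIG, NORMAL_SIG])))              # stripped
    print(len(filter_signatures([LOCAL_SIG, NORMAL_SIG], force=True)))  # kept
```

The filter is a decision made by whichever program handles the key, so the `force` path is always available to the person running it.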


