choosing an encryption target from a User ID
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue Sep 22 22:40:07 CEST 2009
On 09/22/2009 04:09 PM, John W. Moore III wrote:
> John Clizbe wrote:
>
>> IIRC, it's the first usable key with a matching User ID. Period. First one it
>> can use.

thanks for catching that, John. It appears that if the first key with a
matching User ID doesn't have full calculated validity, the user gets a
scary warning that "There is no assurance this key belongs to the named
user", and then:

 It is NOT certain that the key belongs to the person named
 in the user ID. If you *really* know what you are doing,
 you may answer the next question with yes.

It does this even if there is a full-valid match later in the keyring!
This doesn't seem like friendly or reasonable behavior for the power
user, let alone the novice user.

> My usual 'solution' for this is to 'Disable' the non-preferred or unused
> Key until such time as it is Revoked or I have been otherwise informed
> it is deprecated beyond any further use.

i'm assuming you mean "gpg --edit-key 0xDECAFBAD" followed by the
"disable" subcommand.

What do y'all think should actually be happening here?

--dkg
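
Added example, not part of the original message or of GnuPG: one way to sidestep the first-match behaviour discussed above is to pick the recipient by fingerprint, keeping only keys whose matching User ID has full or ultimate calculated validity. It assumes the gpg 2.x `--with-colons` record layout; the function name `valid_recipients` and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `gpg --with-colons --list-keys alice@example.org`
# output (made-up fingerprints). Key 1: unknown validity, listed first.
# Key 2: fully valid. Key 3: fully valid but disabled ("D" in field 12).
SAMPLE='pub:-:2048:1:1111111111111111:1253000000:::-:::scESC:
fpr:::::::::AAAAAAAAAAAAAAAAAAAAAAAA1111111111111111:
uid:-::::1253000000::0000000000000000000000000000000000000001::Alice Example <alice@example.org>:
sub:-:2048:1:1111111111111112:1253000000::::::e:
pub:f:2048:1:2222222222222222:1253000100:::-:::scESC:
fpr:::::::::BBBBBBBBBBBBBBBBBBBBBBBB2222222222222222:
uid:f::::1253000100::0000000000000000000000000000000000000002::Alice Example <alice@example.org>:
sub:f:2048:1:2222222222222223:1253000100::::::e:
pub:f:2048:1:3333333333333333:1253000200:::-:::scESCD:
fpr:::::::::CCCCCCCCCCCCCCCCCCCCCCCC3333333333333333:
uid:f::::1253000200::0000000000000000000000000000000000000003::Alice Example <alice@example.org>:
sub:f:2048:1:3333333333333334:1253000200::::::e:'

# Read a colon listing on stdin; print the primary-key fingerprint of every
# key that can encrypt, is not disabled/revoked/expired/invalid, and carries
# a User ID containing $1 with validity f (full) or u (ultimate).
valid_recipients() {
    awk -F: -v want="$1" '
        $1 == "pub" {
            # field 2: key validity, field 12: capabilities (E encrypt, D disabled)
            ok = ($2 !~ /^[idre]$/ && $12 ~ /E/ && $12 !~ /D/)
            need_fpr = 1; fpr = ""; done = 0; next
        }
        # only the fpr record right after pub is the primary fingerprint
        $1 == "fpr" && need_fpr { fpr = $10; need_fpr = 0; next }
        # field 2 of a uid record is the calculated validity of that User ID
        $1 == "uid" && ok && !done && index($10, want) && $2 ~ /^[fu]$/ {
            print fpr; done = 1
        }
    '
}

# Demo on the constructed sample; against a real keyring:
#   gpg --with-colons --list-keys "$uid" | valid_recipients "$uid"
printf '%s\n' "$SAMPLE" | valid_recipients 'alice@example.org'
```

The printed fingerprint can then be given to `gpg --encrypt -r` in place of the e-mail address, so the choice no longer depends on keyring order.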