User ID without email address

David Shaw dshaw at jabberwocky.com
Fri Jul 23 19:34:55 CEST 2010


On Jul 23, 2010, at 11:51 AM, war_is_peace at privatdemail.net wrote:

> Hi,
> 
> I'm planning on finally uploading my key to a keyserver. Now I had the
> idea to add a primary user ID which contains only my name and no email
> address. The reason would be that I won't "lose" any signatures if I
> change my email address and revoke the then obsolete user id.
> 
> Does that make sense? Are there known problems if a (primary) user ID
> doesn't contain any email address?

It does make sense, and some people do it.  The problem is that it makes it difficult to use that key with some mail programs, which look for the proper key to use by email address.  You can also have problems with people finding your key on keyservers.

A better solution might be to just buy a domain (it's cheap these days) and then your email address will never change.

> Another question: What is the common practice when signing a key
> regarding its user IDs? Should you sign all user IDs, whether you
> checked if their email address belongs to the key owner or not?

No.  When you make a signature, you are affirming that you believe that the user ID you are signing correctly represents the owner of the key.  If you don't check the email address, you can't really affirm that.

Not everyone checks.  I believe they should.

David
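
The lookup-by-address behaviour mentioned in the reply above, as an added example that is not part of the original message: a sketch of how a mail program might pick a key for a recipient from `gpg --list-keys --with-colons` output. The listing, fingerprints and function names are constructed for illustration.

```python
import re

# Constructed sample in the layout of `gpg --list-keys --with-colons`:
# field 1 = record type, field 2 = validity, field 10 = user ID or fingerprint.
A, B = "A" * 40, "B" * 40  # placeholder fingerprints, not real keys
SAMPLE_LISTING = f"""\
pub:u:4096:1:AAAAAAAAAAAAAAAA:1279900000:::u:::scESC:
fpr:::::::::{A}:
uid:u::::1279900000::{'0' * 40}::Alice Example:
uid:r::::1279900000::{'1' * 40}::Alice Example <alice@old.example>:
uid:u::::1279900000::{'2' * 40}::Alice Example <alice@new.example>:
pub:u:4096:1:BBBBBBBBBBBBBBBB:1279900000:::u:::scESC:
fpr:::::::::{B}:
uid:u::::1279900000::{'3' * 40}::Bob Example:
"""

# An address is only recognised as a trailing <local@domain> part of the user ID.
ADDR_RE = re.compile(r"<([^<>@\s]+@[^<>@\s]+)>\s*$")

def unescape(field):
    # The colon format writes characters such as ':' as \xNN escapes.
    return re.sub(r"\\x([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), field)

def index_by_address(listing):
    """Return ({address: [fingerprint]}, [(fingerprint, uid)] for UIDs with no address)."""
    by_addr, unaddressed, fpr = {}, [], None
    for line in listing.splitlines():
        f = line.split(":")
        if f[0] == "pub":
            fpr = None                      # a new key block starts
        elif f[0] == "fpr" and fpr is None:
            fpr = f[9]                      # first fpr after pub is the primary key
        elif f[0] == "uid" and f[1] not in ("r", "e"):  # skip revoked/expired UIDs
            uid = unescape(f[9])
            m = ADDR_RE.search(uid)
            if m:
                by_addr.setdefault(m.group(1).lower(), []).append(fpr)
            else:
                unaddressed.append((fpr, uid))  # name-only UID: no address to match
    return by_addr, unaddressed

def keys_for(recipient, listing=SAMPLE_LISTING):
    """Fingerprints a lookup by recipient address would find."""
    return index_by_address(listing)[0].get(recipient.lower(), [])

if __name__ == "__main__":
    for rcpt in ("alice@new.example", "alice@old.example", "bob@example.org"):
        print(rcpt, "->", keys_for(rcpt) or "no key found")
```

The key whose only user ID is a bare name is never returned for any address, and the revoked address no longer selects the first key even though its name-only user ID remains valid.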



