local signatures: should they be importable by default in some cases?
jrollins at finestructure.net
Tue Jun 22 16:13:39 CEST 2010
On Tue, 22 Jun 2010 09:51:58 -0400, Jameson Rollins <jrollins at finestructure.net> wrote:
> I think the situation Daniel points out is one of the better usages for
> local signatures, and probably the main reason for having them in the
> first place.
Actually, looking at the RFC 4880 now, I see that the original
definition definitely was that local signatures were intended to *only*
be used by the issuer. From section 184.108.40.206 :
Non-exportable, or "local", certifications are signatures made by a
user to mark a key as valid within that user's implementation only.
Thus, when an implementation prepares a user's copy of a key for
transport to another user (this is the process of "exporting" the
key), any local certification signatures are deleted from the key.
The receiver of a transported key "imports" it, and likewise trims any
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 835 bytes
Desc: not available
More information about the Gnupg-users