multiple keys vs multiple identities
Simon Richter
Simon.Richter at hogyros.de
Fri Sep 24 16:30:56 CEST 2010
Hi,

On Fri, Sep 24, 2010 at 10:00:40AM -0400, Daniel Kahn Gillmor wrote:

> > It'd be nice if there was a signature notation that specifies which
> > UID(s) this signature would be valid for.

> Unless i'm misunderstanding your suggestion, there is no need for such a
> notation -- OpenPGP certifications are made over a single User ID and
> its associated primary key. If you certify someone's key and they have
> three User IDs, and you only can vouch for two of them, you should only
> certify those two.

Of course. I was talking about data signatures, i.e. "I'm signing this
with my work hat on".

The main use case I have is my Debian work -- when I sign a .changes
file, the Debian archive will accept it, even if the package in question
was really intended for another repository (where I use the same key for
authentication).

As my main key is well-established in the WoT, I'd like to use the
existing connections to get a trust path; however using the key directly
leads to the problem that the signature can be interpreted in multiple
ways.

Simon
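
An added example, not part of the original message and not GnuPG or Debian code: one way a receiving archive could bind a data signature to its intended context by requiring a signature notation in the `gpg --status-fd 1 --verify` output. The notation name `target-archive@example.org`, the archive names, and the sample status lines are hypothetical and constructed for illustration.

```python
from urllib.parse import unquote

# Hypothetical notation name (user notations take the form tag@domain).
# Signing side: gpg --sig-notation target-archive@example.org=debian ...
NOTATION = "target-archive@example.org"

def parse_status(status_text):
    """Parse `gpg --status-fd 1 --verify` output.

    Returns (number of VALIDSIG lines, [(notation name, value), ...]).
    """
    valid, notations = 0, []
    for line in status_text.splitlines():
        if not line.startswith("[GNUPG:] "):
            continue
        keyword, _, arg = line[len("[GNUPG:] "):].partition(" ")
        if keyword == "VALIDSIG":
            valid += 1
        elif keyword in ("BADSIG", "ERRSIG"):
            return 0, []  # any failed signature rejects the whole file
        elif keyword == "NOTATION_NAME":
            notations.append((unquote(arg), ""))
        elif keyword == "NOTATION_DATA" and notations:
            # Data is %XX-escaped and may span several NOTATION_DATA lines.
            name, value = notations[-1]
            notations[-1] = (name, value + unquote(arg))
    return valid, notations

def accepts(status_text, archive):
    """Fail closed: one valid signature carrying exactly one matching notation."""
    valid, notations = parse_status(status_text)
    values = [v for n, v in notations if n == NOTATION]
    return valid == 1 and values == [archive]

def sample_status(notation_lines):
    """Constructed status output for one signature; key IDs are placeholders."""
    return "\n".join(
        ["[GNUPG:] NEWSIG",
         "[GNUPG:] GOODSIG 0123456789ABCDEF Example Signer <signer@example.org>"]
        + ["[GNUPG:] " + n for n in notation_lines]
        + ["[GNUPG:] VALIDSIG " + "0" * 40
           + " 2010-09-24 1285338656 0 4 0 1 2 00 " + "0" * 40]
    )

if __name__ == "__main__":
    tagged = sample_status(["NOTATION_NAME " + NOTATION, "NOTATION_DATA debian"])
    print(accepts(tagged, "debian"), accepts(tagged, "other-repo"))
    print(accepts(sample_status([]), "debian"))
```

A signature without the notation is rejected rather than accepted by default, so a file signed for one repository cannot be reinterpreted by another verifier that applies the same check.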