Signing a key (meaning)

Sven Radde email at
Fri Apr 8 07:18:42 CEST 2011


Am -10.01.-28163 20:59, schrieb takethebus at
> I wonder how I can check whether the email address in the ID realy belongs to the keyowner. 

You can only check whether the key owner "has access" to the email
address. You cannot check whether this access is in any way exclusive,
legit or whatever.

But the same is true for all other things one can check before a signature:
- The signee has access to the private key (since the UID he wants you
to certify is signed by it).
- The signee has access to documents/evidence proving that the name in
the UID is his.

cu, Sven

More information about the Gnupg-users mailing list