How to sign my own public key?

David Shaw dshaw at jabberwocky.com
Thu Dec 29 18:21:12 CET 2011


On Dec 29, 2011, at 10:19 AM, Robert J. Hansen wrote:

> On 12/29/11 10:08 AM, Stayvoid wrote:
>> A key is already signed after creation, right?
> 
> Per spec, it must be.  GnuPG enforces this.  However, it's possible to
> find some (likely deliberately mangled) certificates that are missing
> self-signatures.

The OpenPGP spec actually doesn't require it, for compatibility with the original spec which also didn't require it.  The implementations do tend to require it (which makes sense, as it is important for many reasons).  These days, if you see a non-self-signed key, something is wrong.

David
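Added example, not part of the original message and not GnuPG code: a structural check for the "non-self-signed key" condition described above, listing user IDs that have no certification issued by the primary key. It assumes v4 keys and signatures, old-format packet headers and one-octet subpacket lengths, and it does not verify signatures cryptographically; all function names and the sample bytes are constructed for illustration.

```python
import hashlib

def packets(data):  # old-format headers with a definite length only
    i = 0
    while i < len(data):
        hdr = data[i]
        if hdr & 0xC0 != 0x80 or hdr & 3 == 3:
            raise ValueError("unsupported packet header")
        tag, size = (hdr >> 2) & 0x0F, 1 << (hdr & 3)
        n = int.from_bytes(data[i + 1:i + 1 + size], "big")
        yield tag, data[i + 1 + size:i + 1 + size + n]
        i += 1 + size + n

def key_id(body):  # v4 key ID: low 64 bits of SHA-1 over 0x99, 2-byte length, body
    return hashlib.sha1(b"\x99" + len(body).to_bytes(2, "big") + body).digest()[-8:]

def issuers(sig):  # Issuer key IDs in both subpacket areas of a v4 signature
    ids, pos = set(), 4
    for _ in range(2):                     # hashed area, then unhashed area
        pos, end = pos + 2, pos + 2 + int.from_bytes(sig[pos:pos + 2], "big")
        while pos < end:
            n = sig[pos]
            if not 0 < n < 192:
                raise ValueError("only one-octet subpacket lengths handled")
            if sig[pos + 1] & 0x7F == 16:  # Issuer subpacket, critical bit masked
                ids.add(sig[pos + 2:pos + 1 + n])
            pos += 1 + n
    return ids

def uids_without_selfsig(cert):  # structural check; signatures are not verified
    primary, uid, missing = None, None, []
    for tag, body in packets(cert):
        if tag == 6 and primary is None:   # first Public-Key packet is the primary
            primary = key_id(body)
        elif tag == 13:                    # User ID: unsigned until shown otherwise
            uid = body.decode("utf-8", "replace")
            missing.append(uid)
        elif tag in (14, 17):              # subkey / user attribute: not checked
            uid = None
        elif tag == 2 and uid in missing and body[0] == 4 and 0x10 <= body[1] <= 0x13:
            if primary in issuers(body):
                missing.remove(uid)
    return missing

# Constructed sample: dummy key material; the signature value is not valid.
KEY = b"\x04\x4e\xfc\x00\x00\x01\x00\x08\xc5\x00\x05\x11"
SIG = b"\x04\x13\x01\x08\x00\x00\x00\x0a\x09\x10" + key_id(KEY) + b"\x00\x00\x00\x01\x01"
STRIPPED = b"\x98" + bytes([len(KEY)]) + KEY + b"\xb4\x19Alice <alice@example.org>"
SIGNED = STRIPPED + b"\x88" + bytes([len(SIG)]) + SIG
```

An empty result only means each user ID carries a certification naming the primary key as issuer; whether that signature is valid still has to be checked by an OpenPGP implementation.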



