moving user ID Comments to --expert mode
Faramir
faramir.cl at gmail.com
Fri Feb 4 03:35:07 CET 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
El 03-02-2011 17:59, Daniel Kahn Gillmor escribió:
...
> When keysigning, if i get asked to certify a key with a "comment" like
> this, i don't know what to say. What am i certifying if i say that this
> key really belongs to "Joe Schmoe (no comment) <joe at example.org>" ? "Joe
> Schmoe <joe at example.org>" i can understand and certify, but the
> intervening comment doesn't seem sensible or verifiable.
Well, but a comment is just a comment... you don't have to verify them...
> There are indeed some possibly legitimate uses of comments, but many of
> them would be better handled with notations attached to subkeys or
> notations attached to particular user IDs.
I don't know how to attach notations to subkeys, but probably in that
case they would remain unread. People check UIDs, but how often do we
check subkeys?
When you create the key, you need to create the first UID, so the
comment is already attached to a particular user ID. Later you can make
another UID, make it the main UID, revoke the old one, etc.
> What do other people think?
I don't see the problem. Comments may be useful, or may remain empty,
or may include something not useful... but it's just a comment.
Best Regards
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBCAAGBQJNS2XbAAoJEMV4f6PvczxAJX8H/1Di94xPmVLSIgRpS43ft52f
J3YHv6GqQ/35br7nOXKEqwnfRxsnLE6bsNlCW62cu92Lubx8yUaUKK29ho2X5r7A
fCLLZ6GssZ1g1hOPM67hoVgm905NjqPaNQsofMt25gFTnM7AkaZZFsWLrd4+Mlqa
ygqSyp1lojht+6Jg+mx5romZTScVLdsiWnqfWhJ7bp/N2Hr2+EENi4RU1I/MKY+F
aH88gnuCa0F9yHCPpLjEBxKI8Ij0xe9XduBIVGUqu6crQrL897y+OrNaoxvJ3C9f
vOtdwNmUVK7MRhy7LDIsKGuAA8ZFw07V0C9vTmXGgisXy89YE4gWo+QEPFJCVXI=
=bUo8
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list