Revoke signature from key
kgo at grant-olson.net
Mon Mar 21 22:41:33 CET 2011
On 03/21/2011 05:17 PM, Daniel Kahn Gillmor wrote:
> On 03/21/2011 04:51 PM, Grant Olson wrote:
>> But that doesn't provide any easy way for me to only trust your
>> identity+metadata certifications, if, for example, I trust you to sign
>> in your role for a company, but don't trust or care about your
>> personally-issued sigs.
> You are free to disregard any of my certifications you like. It would
> not be unreasonable of you to say "i will disregard all certifications
> by dkg that lack a department at example.com notation." if that's what
> you're trying to do.
>> Instead of signing your key, I need to manually
>> inspect any and all keys that may have your signature.
> Why is this a manual process? You would not be inspecting the keys --
> you'd be inspecting my signatures, which you have to do anyway (at least
> in order to cryptographically verify them).
It's manual because now I can't just sign your key, let the WoT and gpg
do it's job, and get on with my life. I need to manually run
--list-sigs on any new keys.
Regarding your other points, I don't have any semantic problems with
what you're proposing, I just don't think it's a workable solution
today. It seems like we're in agreement on that.
"Look around! Can you construct some sort of rudimentary lathe?"
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 554 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users