Group Signing

Mike Acker Mike_Acker at charter.net
Mon Mar 21 22:51:18 CET 2011


="While the common usage for regular users is to sign based on checking
identity, signatures can be just as well used as a token to indicate
membership."

="You forgot gpg --send-keys (newguyskey) and the fact that signatures on
 a key are actually meant as a statement that the signer has checked the
 key owner's identity and not as a sign that someone belongs to a group
 or something..."
~~~

these are very good points!!

consistency is important.  if there are glitches and gotchas and don't
forget tos in the system it will be more likely for well intending
people to make errors

it is entirely possible that Tom could leave the group yet I would want
to maintain secure communication with him.

i will stress to the group that the key authenticates the sender but
does not indicate group membership.

-- 
/MIKE


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 292 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20110321/3de390a9/attachment-0001.pgp>


More information about the Gnupg-users mailing list