comments on uid

Faramir at
Sun Mar 18 18:28:59 CET 2012

Hash: SHA256

El 18-03-2012 5:13, freejack at escribió:
> Alright that's a good answer but aren't people just confirming the
> email address belongs to a known signer when they sign a key? Does
> it really matter what the UID comment is? I think it may be going a
> bit too far to say the UID is guaranteed.

  You define yout policy about what do you check when you sign a key
(or an UID, after all, you sign UIDs on a key, not the key itself). So
somebody might check email address and name of the key owner, and
ignore the comment, unless it is false (like the comment sayind "USA
President"). Others might don't care about the comments at all.

> Do I have to do anything with the keys when adding a UID and
> deleting the old one? I don't remember.

  I think you must make the new UID primary UID before being able to
delete the old one, but not sure about it. The worst thing that could
happen is to get a message saying "you can't delete your primary UID"
or something like that.

> My question is on a situation I didn't add the comment by mistake
> when I created the key and now I'd like to be able to add a
> comment. The key isn't signed etc. Thanks.

  If the key is not signed and it is not on keyservers, just make the
new UID, set it as primary, and delete the old one. If the key is
available at keyservers, then revoke the old one instead of deleting it.

   Best Regards
Version: GnuPG v1.4.12 (MingW32)
Comment: Using GnuPG with Mozilla -


More information about the Gnupg-users mailing list