Recommendations for handling (multiple) user IDs - personal and company ones

Daniel Kahn Gillmor dkg at
Sat Jun 8 19:03:06 CEST 2013

On 06/07/2013 06:54 PM, Hauke Laging wrote:

> In addition to what Doug has said: I recommend to have one UID without email 
> address. Just your name and a comment (like "everyday key on smartcard with 
> offline main key; see policy URL".

fwiw, some people might not be comfortable certifying a User ID
("signing a key") with such a comment, since it is not actually a part
of the user's identity.  How is an OpenPGP certifier supposed to
validate the correctness of this comment?

In general, i think that comments in User IDs should be discouraged, as
i've suggested publicly:



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1027 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20130608/02fd4474/attachment.sig>

More information about the Gnupg-users mailing list