Recommendations for handling (multiple) user IDs - personal and company ones
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Sat Jun 8 19:03:06 CEST 2013
On 06/07/2013 06:54 PM, Hauke Laging wrote:
> In addition to what Doug has said: I recommend to have one UID without email
> address. Just your name and a comment (like "everyday key on smartcard with
> offline main key; see policy URL".
fwiw, some people might not be comfortable certifying a User ID
("signing a key") with such a comment, since it is not actually a part
of the user's identity. How is an OpenPGP certifier supposed to
validate the correctness of this comment?
In general, i think that comments in User IDs should be discouraged, as
i've suggested publicly:
https://www.debian-administration.org/users/dkg/weblog/97
Regards,
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1027 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20130608/02fd4474/attachment.sig>
More information about the Gnupg-users
mailing list