Any value to duplicate signatures?
ben at adversary.org
Sat Mar 2 10:20:50 CET 2013
-----BEGIN PGP SIGNED MESSAGE-----
On 2/03/13 7:14 PM, Doug Barton wrote:
> I am pretty sure the answer to this question is "no," but I
> thought I'd ask just in case. I've attended a conference for the
> last 2 years where there was a PGP key signing. Several of the
> people who signed my key last year were present again this year,
> and sent me signatures again. The signatures are from the same
> keys, same certification level, everything. The only thing
> different is the date of the signature (obviously).
> So the question is, what value, if any, would there be to
> importing those signatures, and sending them out to the key
> servers? I know that the various -clean options will strip that
> down to the most recent, I'm just curious. :)
I can think of two reasons why there may be some value in including
the second signatures. The first being if you have added a new UID to
your key and the new signatures are now applied to that. The second
being to show that the key is consistently under your control.
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the Gnupg-users