lsign produces exportable signatures when used for self-sigs
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Fri Sep 13 18:35:38 CEST 2013
On 09/13/2013 11:35 AM, Nicholas Cole wrote:
> Well. Why not trust your circle of contacts (because anyone using this
> scheme must be in a small circle) not to upload the keys to
> keyservers?
>
> Perhaps if there is enough demand gpg could even have a "Never send
> these keys to keyservers" option in the config file, taking a list of
> fingerprints.
Because I want to be able to make it clear *to the keyservers*, not to
"the circle of contacts" that are using the key. People make mistakes;
people change allegiances; people can be coerced.
I am talking about a statement made by the keyholder, about how they
want their key to propagate or not propagate. We have a standard that
makes clear how to express this intent. It makes sense to embed the
desired instructions in the key itself.
> Just a thought. I'm against doing something that goes against the
> standard when there are other ways to achieve it.
I don't think anything that I have proposed here is in any way against
the standard.
Regards,
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1027 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20130913/a27bcb86/attachment.sig>
More information about the Gnupg-users
mailing list