Sign key and export for each UID

Peter Lebbing peter at digitalbrains.com
Mon Sep 16 20:23:43 CEST 2013


On 16/09/13 15:32, atair wrote:
> I also discovered, that there's a sign, lsign,
> ... in the interactive mode with --edit-key -- what are they for/how
> do they differ from normal --sign?

sign is for signatures that can be exported to other people and to keyservers.
lsign is for local signatures, for which you need to be very explicit to export
it. That way, the fact that you signed the key is known to you only, plus it
prevents you from accidentally uploading it without the owner's consent.

> To me, this seems like a standard procedure/template, is it? Where to get it?

Most likely, it's caff or a derivative. caff, CA Fire and Forget, on Debian is
in the package signing-party. I don't know about other distributions, and I
certainly don't know about other OSes :). I think I saw two GUI derivatives
coming by recently here on GnuPG-Users, but I can't find them now.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>



More information about the Gnupg-users mailing list