Sign key and export for each UID

MFPA expires2013 at ymail.com
Mon Sep 16 21:45:08 CEST 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi


On Monday 16 September 2013 at 7:57:04 PM, in
<mid:52375480.7020606 at dougbarton.us>, Doug Barton wrote:


> I have another philosophy that works for me because I
> prefer not to sign uids that are not valid.

What, in your opinion, makes a UID "not valid?"



> I send
> encrypted e-mail to each uid with a  pseudo-random
> string and ask the person to send me back the string in
> a signed message. That allows me to determine if the
> person has control of all 3 elements of the uid; the
> e-mail address, private, and public keys.

I thought that as soon as a public key is published or shared, the
person who created it no longer has control.


- --
Best regards

MFPA                    mailto:expires2013 at ymail.com

I would like to help you out. Which way did you come in?
-----BEGIN PGP SIGNATURE-----

iQCVAwUBUjdf3aipC46tDG5pAQpGWAP/TKN0sQ5ouAyfFeE7PMniShbBg9ipK+Jo
/DGUI6htci0tZz2c5aEYuFYfZMh3unAUltF/0UbsZQ1DQx7cn6GUrRR1IC2DiIaI
JzeYC5bYKWi1Wv+MONr6686Y4ucbkC7yhJ2bNnL5kHR1Ygfv0uwoug5TXHM/AGRO
GT1Y2Srukuc=
=wJtK
-----END PGP SIGNATURE-----




More information about the Gnupg-users mailing list