Sign key and export for each UID
expires2013 at ymail.com
Mon Sep 16 21:45:08 CEST 2013
-----BEGIN PGP SIGNED MESSAGE-----
On Monday 16 September 2013 at 7:57:04 PM, in
<mid:52375480.7020606 at dougbarton.us>, Doug Barton wrote:
> I have another philosophy that works for me because I
> prefer not to sign uids that are not valid.
What, in your opinion, makes a UID "not valid?"
> I send
> encrypted e-mail to each uid with a pseudo-random
> string and ask the person to send me back the string in
> a signed message. That allows me to determine if the
> person has control of all 3 elements of the uid; the
> e-mail address, private, and public keys.
I thought that as soon as a public key is published or shared, the
person who created it no longer has control.
MFPA mailto:expires2013 at ymail.com
I would like to help you out. Which way did you come in?
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the Gnupg-users