Sign key and export for each UID

Daniel Kahn Gillmor dkg at
Thu Sep 19 18:36:24 CEST 2013

On 09/18/2013 10:35 PM, Doug Barton wrote:
> The issue for me is the "cleanliness" and accuracy of my local key ring
> (as I pointed out in a previous message in this thread). I don't like
> what either CAFF or Pius do; leave signatures that I consider "bogus" on
> my local copy of the key, or rely on the user to upload the signatures
> so that I can get them back after a refresh.

It seems like either one or the other is likely to be the Right Thing to
do with any particular User ID.

Do you have any desired behavior to recommend as a middle ground?
Should caff or pius or monkeysign or similar tools ask the user during
signing about which of the e-mail-containing User IDs they are already
confident about somehow, and use that feedback from the user to either
(if confident) to store the new certifications in the user's main
keyring, or (if not confident) to require the round trip through the
keyservers?  If this is what you want, how would you ask the user that
question in a comprehensible way for each User ID?

or is there some other approach you'd like to see happen?


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1027 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20130919/2df71b9e/attachment-0001.sig>

More information about the Gnupg-users mailing list