UI terminology for calculated validities

MFPA 2014-667rhzu3dc-lists-groups at riseup.net
Sat Apr 26 13:03:14 CEST 2014

Hash: SHA512
NotDashEscaped: You need GnuPG to verify this message


On Friday 25 April 2014 at 5:38:15 AM, in
<mid:1619717.pObFgkP320 at inno>, Hauke Laging wrote:

> a) You always want to use fingerprints instead.

Fair enough.

> b) You do not need any reference to a key anyway
> because it is  absolutely clear which keys this
> statement refers to if one key signs  another.

I take your point, but would prefer such a fundamental statement about
shared genesis of multiple keys to reference those keys directly.
After all, as well as claiming "this other key is also mine"
(corroborated by cross-signing), you would also be indicating your
intention that your set of keys should be treated as one key for the
purpose of trust calculations. It needs to be as deliberate and
explicit as reasonably possible, with room for error minimised.

> c) I would like to handle that with an generic
> notation. I see a strong need for an expression about
> the relation of the signer to the owner of the signed
> key. It makes a big difference whether I say "This is
> some  foreigner which has shown me some ID (see
> separate notation for  details)" or "This is my
> sister".

I can see the point of differentiating between a certification on the
key of somebody you actually know and on the key of somebody you don't
know but checked id. But I agree with DKG that "This is my
sister/neighbour/work-colleague/friend-since-childhood" etc is too
much information that could backfire on people.

Best regards

MFPA                    mailto:2014-667rhzu3dc-lists-groups at riseup.net

There is no snooze button for a cat that wants breakfast


More information about the Gnupg-users mailing list