MUA "automatically signs keys"?

MFPA 2014-667rhzu3dc-lists-groups at riseup.net
Fri Jan 31 02:47:31 CET 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi


On Thursday 30 January 2014 at 9:28:27 PM, in
<mid:20140130212827.GA30954 at leortable>, Leo Gaspard wrote:



> About emails reused by different persons... AFAICT most
> major email services never re-issue the same email
> address twice. Which could be considered good practice.

Yahoo does. Some of my old yahoo accounts now say this when I log in:
"Your Yahoo account has been inactive for an extended period of time
and is being recycled. If you need a new account, please sign up for a
new one." Other, even older, yahoo accounts give "This ID is not yet
taken. Are you trying to register for a new account?"



> If one worries about an email agency stealing the email
> addresses, well... A signature on an email UID means
> "Yes, this key is used by the same person as the email
> address". So signing it "automatically" would not
> conflict with the meaning of the signature.

Fair enough.



>  Yet if the
> UID also includes a name, then it should be signed only
> after appropriate verification of the owner.

Makes sense to me.

- --
Best regards

MFPA                    mailto:2014-667rhzu3dc-lists-groups at riseup.net

War is a matter of vital importance to the State.
-----BEGIN PGP SIGNATURE-----

iPQEAQEKAF4FAlLrALlXFIAAAAAALgAgaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl
bnBncC5maWZ0aGhvcnNlbWFuLm5ldEJBMjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0
N0VDQTAzAAoJEKipC46tDG5pOfsD/2s71tagOl3322f/WIbP5CaqwruiCtQO3B8f
Sg3DuqmM8kNenFJgjbAq8PTf5FF4WXF/4xZasCvdPkMlgtFaCKcWgdEPo87cwBxY
gEzjnZESkosq5m3vpD3PHxmeDzxP9QBp9ETuBNp745ZzcS8Oqiic3r6dfAxa5OyB
PbF5ntLK
=ODsN
-----END PGP SIGNATURE-----




More information about the Gnupg-users mailing list