MUA "automatically signs keys"?
ndk.clanbo at gmail.com
Fri Jan 31 15:02:14 CET 2014
Il 31/01/2014 10:24, Steve Jones ha scritto:
> Well the conventions of use, for example the key signing party
> protocol, requires photographic id. If I publicly sign a key it has to
> be in line with how I expect others to interpret it. Policies and
> notations on signatures go some way to alleviate that but only if the
> tools support it.
I tried looking around for some tutorials about notations, but could
only find minimal information ("it's a string in 'tag at domain=value'
IIUC in *my* policy I could specify that when signing a key I use
"ndk at mydomain=X" notation and that X=0 means "just checked the person
can access the given mailbox", X=1 means "at least 2 other persons have
confirmed that the same user used that email address for the last year"
and so on.
Is my understanding right? When I sign a key and use a notation, am I
actually signing *all* the identities associated with that key? Or just one?
More information about the Gnupg-users