UI terminology for calculated validities

Hauke Laging mailinglisten at hauke-laging.de
Fri May 2 03:45:30 CEST 2014

Am Fr 25.04.2014, 11:20:08 schrieb Peter Lebbing:
> On 25/04/14 04:49, Hauke Laging wrote:
> > Another point:
> > Is it a good idea to use the same terms for both the key itself and
> > user IDs?
> What do you mean? Validity (and it's proposed new form, authenticity)
> refers to the coupling of a key and a User ID. It doesn't refer to
> either thing by itself. Does it?

Of course, it does:

start cmd:> LANG=en gpg --edit-key 0x1a571df5 quit
pub  4096R/0x1A571DF5  created: 2012-11-04  usage: SCE 
                       trust: ultimate      validity: ultimate

This is a statement about the key, not about some UID.


start cmd:> gpg --with-colons --list-keys 0x1a571df5


2. Field:  A letter describing the calculated validity.

The key itself must have such a state for the simple reason that you can 
select an encryption key via the UID but you (usually) cannot know 
"which UID" has made a signature. You just know the (sub)key. The WoT is 
calculated over key validities not over UID validities.

Crypto für alle: http://www.openpgp-schulungen.de/fuer/unterstuetzer/
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20140502/6a9ff58b/attachment.sig>

More information about the Gnupg-users mailing list