UI terminology for calculated validities
Hauke Laging
mailinglisten at hauke-laging.de
Fri May 2 03:45:30 CEST 2014
Am Fr 25.04.2014, 11:20:08 schrieb Peter Lebbing:
> On 25/04/14 04:49, Hauke Laging wrote:
> > Another point:
> > Is it a good idea to use the same terms for both the key itself and
> > user IDs?
>
> What do you mean? Validity (and it's proposed new form, authenticity)
> refers to the coupling of a key and a User ID. It doesn't refer to
> either thing by itself. Does it?
Of course, it does:
start cmd:> LANG=en gpg --edit-key 0x1a571df5 quit
pub 4096R/0x1A571DF5 created: 2012-11-04 usage: SCE
trust: ultimate validity: ultimate
This is a statement about the key, not about some UID.
Or:
start cmd:> gpg --with-colons --list-keys 0x1a571df5
pub:u:4096:1:BF4B8EEF1A571DF5:1351995465:1415197758::u:::escESCA:
uid:u::::
uid:u::::
uid:u::::
/usr/share/doc/packages/gpg2/DETAILS:
2. Field: A letter describing the calculated validity.
The key itself must have such a state for the simple reason that you can
select an encryption key via the UID but you (usually) cannot know
"which UID" has made a signature. You just know the (sub)key. The WoT is
calculated over key validities not over UID validities.
Hauke
--
Crypto für alle: http://www.openpgp-schulungen.de/fuer/unterstuetzer/
http://userbase.kde.org/Concepts/OpenPGP_Help_Spread
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20140502/6a9ff58b/attachment.sig>
More information about the Gnupg-users
mailing list