protecting pub-keys from unwanted signatures

Stefan Claas admin at
Sun Aug 16 10:10:28 CEST 2015

Hello Werner and all,

after seeing Facebook's public key a couple of days ago,
i was wondering if it's possible to enhance GnuPG in a
future version, so that it no longer allows someone to
sign a public key without approval of the owner.

As an example: Bob likes to sign Alice's pub key and
issues the sign key command, but instead of signing
the key directly GnuPG would create a "Signature
Reguest Certificate" which Alice reads and verifies
in GnuPG, thus allowing her to add Bob's signature
to her key. This mechanism, or a similar one would 
protect Alice's key from unwanted signatures.

Best regards

More information about the Gnupg-users mailing list