protecting pub-keys from unwanted signatures
admin at zwiebelfreund.de
Sun Aug 16 10:10:28 CEST 2015
Hello Werner and all,
after seeing Facebook's public key a couple of days ago,
i was wondering if it's possible to enhance GnuPG in a
future version, so that it no longer allows someone to
sign a public key without approval of the owner.
As an example: Bob likes to sign Alice's pub key and
issues the sign key command, but instead of signing
the key directly GnuPG would create a "Signature
Reguest Certificate" which Alice reads and verifies
in GnuPG, thus allowing her to add Bob's signature
to her key. This mechanism, or a similar one would
protect Alice's key from unwanted signatures.
More information about the Gnupg-users