Is there a way to comment a key locally?

Daniel Kahn Gillmor dkg at
Wed Jul 29 18:34:52 CEST 2015

On Wed 2015-07-29 07:05:50 -0400, MFPA wrote:
> On Wednesday 29 July 2015 at 3:53:47 AM, in <mid:55B8403B.8050207 at>, fmv1992 at wrote:
>> Is there a way to comment a key locally?
> I think the closest currently available is a non-exportable signature
> with brief comment in a signature notation.

That's exactly what i do with a small (fairly clumsy) script "lcert":

read -e -p 'lsig reason: ' reason
gpg2 --lsign --cert-notation "lsigreason at${reason}" "$1"

the main issue is when the cert i'm making such a notation on has
multiple user IDs and then gpg falls back to prompting whether i want to
sign all uids or not -- if i say "no", then i have to select the
relevant uids, and then type "lsign" and "save" in the gpg subshell.

note that this has the side effect of marking every lsigned key+user id
as valid (since i'm certifying it with my own key).

If that's not what you want, you can also just keep a separate text file
(or addressbook or whatever data storage you're most comfortable with)
with your own notes about the person/key in question.


More information about the Gnupg-users mailing list