How to get your first key signed

Andrew Gallagher andrewg at andrewg.com
Thu Oct 1 17:44:00 CEST 2015


On 01/10/15 15:18, Mark H. Wood wrote:
> 
> To put my point more plainly:  signatures on products and signatures
> on keys mean different things, and to gain trust for them works in
> different ways.

Another case where common PGP terminology is confusing. You don't really
"sign a key", you certify that a particular identity should be bound to
a key. This process uses the same algorithm as a signature, but the
semantics are different - as evidenced by the fact that [C]ertify and
[S]ign are distinct usages.

A

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20151001/ab2ebecc/attachment.sig>


More information about the Gnupg-users mailing list