OpenPGP key verification + legal framework

Wiktor Kwapisiewicz wiktor at
Mon Nov 5 20:50:28 CET 2018

On 05.11.2018 20:28, Viktor wrote:
> We use the rule, that userID should contain user's fist and last name
> exactly as in passport, and only one email - the same as used for login.
> So we can verify it's really your email.

Have you considered an alternative approach to email verification? For
example just sending an e-mail (probably encrypted) with a one-time
verification link?

That way non-Google users wouldn't be excluded. (Actually this approach
would work for Google and non-Google users alike).

Sending an encrypted e-mail additionally verifies that the user controls
the key in question.

Kind regards,


More information about the Gnupg-users mailing list