Third-Party Confirmation signature?

Daniel Roesler diafygi at
Tue Jul 9 17:10:15 CEST 2019

Hmmm, ok.

Yes, I am considering ways of letting a user "whitelist" signatures on
their public key, and using the Signature Target subpacket[1] seemed
like a way to do that.

However, if gpg doesn't support a way of adding that subpacket, then
creating easy-to-copy-and-paste commands for users to use to approve
signatures becomes difficult.

What about using the Notation Data subpacket[2] to provide a pointer
to a target signature that is "approved"? I noticed in the edit-key
interface there is an option for setting notations[3]. Could a user
use gpg's edit-key to create a signature on their key that has a
notation specifying the whitelist of approved third party signature


Thanks for the reply,

On Tue, Jul 9, 2019 at 5:20 AM Werner Koch <wk at> wrote:
> On Mon,  8 Jul 2019 18:45, gnupg-users at said:
> > Is there a way to create a "Third-Party Confirmation signature"[1]
> > using the gnupg command line interface?
> No.  You need to add code for this which also requires that you have a
> way to specify another signature packet.
> Are you considering to use 0x50 self-signatures to approve key
> signatures?
> Shalom-Salam,
>    Werner
> --
> Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-users mailing list