Third-Party Confirmation signature?
diafygi at gmail.com
Tue Jul 9 17:10:15 CEST 2019
Yes, I am considering ways of letting a user "whitelist" signatures on
their public key, and using the Signature Target subpacket seemed
like a way to do that.
However, if gpg doesn't support a way of adding that subpacket, then
creating easy-to-copy-and-paste commands for users to use to approve
signatures becomes difficult.
What about using the Notation Data subpacket to provide a pointer
to a target signature that is "approved"? I noticed in the edit-key
interface there is an option for setting notations. Could a user
use gpg's edit-key to create a signature on their key that has a
notation specifying the whitelist of approved third party signature
Thanks for the reply,
On Tue, Jul 9, 2019 at 5:20 AM Werner Koch <wk at gnupg.org> wrote:
> On Mon, 8 Jul 2019 18:45, gnupg-users at gnupg.org said:
> > Is there a way to create a "Third-Party Confirmation signature"
> > using the gnupg command line interface?
> No. You need to add code for this which also requires that you have a
> way to specify another signature packet.
> Are you considering to use 0x50 self-signatures to approve key
> Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-users