keys require a user-id
sac at 300baud.de
Fri May 15 13:29:31 CEST 2020
Werner Koch wrote:
> On Thu, 14 May 2020 23:01, Stefan Claas said:
> > you would consider including it in GnuPG too and reflecting it in
> > the respective RFC?
> The User-IDs are an integral part of OpenPGP and at the core of its
> design. All kind of important information is bound to the user ids
> and thus a key w/o a user ID is basically useless.
I understand that a UID is an integral part, for example if people
need a certification from a trusted CA, which usually requires a full
name and email address.
What I don't understand is why you are not liking the idea to allow
GnuPG to automatically import and process UID-less public key blocks,
if people who trust the GnuPG brand ask for this?
Nobody is asking for UID-less key creation as default behavior.
> There is one exception for this: Derek Atkins (one of the original PGP
> authors) requested certain features to allow the use of a stripped
> down OpenPGP key by space and CPU constrained devices. We integrated
> this into the standard because it is better to use even a stripped
> down format than to come up with just another format.
> Direct key signatures were never intended to replace User-IDs and
> their self-signatures.
> And no, it is not a privacy issue. If you don't want to put your name
> or mail address into the user ID, just don't do it but use a random
> string or even the keys fingerprint. For the majority of use cases a
> mail address is still the best way to identify and even lookup a key.
GnuPG always asks IIRC new users for their Name and email address
and does not tell them in advance that they can use a free form UID,
without an email address, thus being able to use a key for multiple
accounts or purposes, without adding additional UIDs.
Signal (Desktop) +4915172173279
More information about the Gnupg-users