keys require a user-id

Robert J. Hansen rjh at
Sat May 16 17:56:47 CEST 2020

> So, when you like to communicate with a person who uses such a new
> key how do you proceed then?

I tell them, "I will not be able to use OpenPGP with you until such time
as you UID conforms to the standard.  Would you like help in making your
user ID standards-conformant in a way that reveals nothing about your
real-world identity?"

This is, in fact, the preferred GNU way.  "I'd love to be able to work
with you on this document, but you're using a proprietary format I can't
read.  There's an open format we can both use, though, and I'd be happy
to help you get started with it."

> How does this work in general, let's say I am a dev and would add this
> too, to my OpenPGP app. Is there an OpenPGP board where devs can vote
> for or against a feature, so that Werner has then to follow suite, or
> is he in the position to say no and every dev has to follow his GnuPG
> specs?

The RFC is maintained under auspices of the Internet Engineering Task
Force (IETF), just like every other RFC.  The IETF's motto is "rough
consensus and running code".

Werner sits as secretary of the (largely dormant) group that guides
OpenPGP development, but there are a lot of non-GnuPG people who are
deeply involved in giving feedback on proposed changes.  He's the
secretary, not the dictator.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 821 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Gnupg-users mailing list