keys require a user-id

Mark azbigdogs at gmx.com
Wed May 20 07:31:27 CEST 2020 

Just to test this out I tried creating a new key in Kleopatra with no
name and then with just a single name and it would not let me do it. It
had to have a first and at least a last initial. 

On 5/19/2020 7:29 AM, Robert J. Hansen wrote:
>> With the freeform approach, when I would have to use (auto) generated
>> random chars or the fingerprint then I would have problems memorizing
>> if this was your, dkg's or Werner's public keyblock and it could be
>> also more error prone (typos), when using this method, in CLI mode.
> --group {name=value}
>         Sets up a named group, which is similar to aliases in email pro‐
>         grams.  Any time the group name is a recipient (-r or  --recipi‐
>         ent),  it  will  be  expanded  to the values specified. Multiple
>         groups with the same name are automatically merged into a single
>         group.
>
>         The  values are key IDs or fingerprints, but any key description
>         is accepted. Note that a value with spaces in it will be treated
>         as  two  different  values. Note also there is only one level of
>         expansion --- you cannot make an group that  points  to  another
>         group.  When  used from the command line, it may be necessary to
>         quote the argument to this option  to  prevent  the  shell  from
>         treating it as multiple arguments.
>
> The feature you want, GnuPG already has.  If my certificate had no email
> address listed, you could put
>
> 	group rjh at sixdemonbag.org=0x1DCBDC01B44427C7
>
> ... and then whenever you asked GnuPG to encrypt something for
> rjh at sixdemonbag.org, GnuPG would silently substitute my certificate.
>
> So let's recap:
>
> * PII-free UIDs are possible today
> * Nobody is forced to put PII in a UID
> * Certificates can be relabeled with the 'group' option
>
> It really seems like after all this discussion the only thing left is
> you think GnuPG ought do a better job documenting how to create a
> PII-free UID.  And if you can get the community to back you on that I'll
> draft it myself.
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

More information about the Gnupg-users mailing list