"just invent something..."
angel at pgp.16bits.net
Fri May 22 04:07:37 CEST 2020
Given the number of people that still manage to create (and distribute)
their keys with glaring mistakes, such as misspelling their own domain
name/tld, or providing a key which doesn't match their email address.
Too many people are sending and receiving OpenPGP emails by actually
encrypting the content in a separate application, then pasting it into
their MUA (often resulting in the OpenPGP armor contained in an html/text
block! ☹). Which then leads to the occasional mistake of the wrong key
being manually chosen.
People should *really* use a MUA supporting OpenPGP if they are going to
send or receive OpenPGP emails. It's a big mistake that end users think
it's normal to process that separately.
I don't think relaxing the current uid validation would help with that.
Quite the opposite.
The stated issue could be solved, while keeping RFC 4880 conformance, by
adding a skip path on the key creation:
> You have chosen not to provide a uid to the new key. It is recommended
> to add an identifier. A key specifying no email address will be
> severely limited if it is going to be used to send or receive mail, as
> it won't be linked with that account.
> If not providing a uid, usage of this key will have to be done using
> the user-unfriendly key fingerprint. By continuing with no explicit
> uid, GnuPG will automatically fill the uid field with the key
> fingerprint A1786ADB27E946D5DC1B5A989EED09D63FCD9AB7
> Do you want to create such a key anyway? [y/N]
I still wonder if it's worth adding that code for this limited use case,
On 2020-05-21 at 15:32 +0100, Andrew Gallagher wrote:
> you should have a valid key
> that has "president at whitehouse.gov" in either its User ID or local
> alias (as RJH pointed out above).
Note you may need to set your alias for "<president at whitehouse.gov>",
not "president at whitehouse.gov". It will depend on how gnupg is called by
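Added example (not part of the original message and not GnuPG code): a check for the two mistakes discussed above, a key whose uid does not match the mail address and an expected address given with or without angle brackets. It reads `gpg --with-colons` style output; the sample listing, the addresses and the helper names `unescape`, `mailbox` and `audit_key` are constructed for illustration.

```python
import re

# Constructed sample of `gpg --with-colons --list-keys` output (not from the post).
SAMPLE = """\
pub:u:255:22:89ABCDEF01234567:1590113257:::u:::scESC:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
uid:u::::1590113257::::Alice Example <alice@exmaple.org>:
uid:u::::1590113257::::0123456789ABCDEF0123456789ABCDEF01234567:
"""

ADDR = r"[^<>@\s]+@[^<>@\s]+"

def unescape(field):
    # Colon listings escape ':' and other special bytes as \xNN.
    return re.sub(r"\\x([0-9a-fA-F]{2})",
                  lambda m: chr(int(m.group(1), 16)), field)

def mailbox(uid):
    # Mailbox inside <...>, or the whole uid if it is a bare address.
    m = re.search(f"<({ADDR})>", uid) or re.fullmatch(f"({ADDR})", uid.strip())
    return m.group(1).lower() if m else None

def audit_key(colons, expected):
    # Accept both "<user@host>" and "user@host" for the expected address.
    expected = expected.strip().strip("<>").lower()
    fpr, matched, findings = None, False, []
    for line in colons.splitlines():
        f = line.split(":")
        if len(f) < 10:
            continue
        if f[0] == "fpr" and fpr is None:
            fpr = f[9]  # fingerprint of the primary key
        elif f[0] == "uid":
            uid = unescape(f[9])
            addr = mailbox(uid)
            if addr == expected:
                matched = True
            elif addr is None:
                kind = "fingerprint-only" if uid.upper() == fpr else "no-mailbox"
                findings.append((kind, uid))
            elif addr.split("@")[0] == expected.split("@")[0]:
                findings.append(("domain-mismatch", addr))
            else:
                findings.append(("other-address", addr))
    return matched, findings

if __name__ == "__main__":
    print(audit_key(SAMPLE, "<alice@example.org>"))
```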