Call me crazy, but ...

Brandon Anderson brandon753.ba at gmail.com
Wed Jul 14 15:41:11 CEST 2021


What exactly stops me, a person wanting to impersonate that user, from 
putting the same QR-Code I got from that public key into my own keypair?

On 7/14/21 5:45 AM, Стефан Васильев via Gnupg-users wrote:
> if a person, within the EU, would put his COVID vaccination 
> certificate QR-Code
> in his pub-key as photo-ID I would say that than another GnuPG user, 
> within
> the EU, or maybe later in the U.S. and elsewhere too, would have the 
> assurance,
> without that the public key is otherwise signed, that this pub key 
> belongs to that
> person.
>
> On GitHub is a decoder available, which allows users to verify the 
> digital signature
> of such COVID certs, with trustlists from EU member states.
>
> https://github.com/stapelberg/coronaqr
>
> Regards
> Stefan
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x255837AEF812E87E.asc
Type: application/pgp-keys
Size: 15950 bytes
Desc: OpenPGP public key
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20210714/0b5c48ba/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 228 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20210714/0b5c48ba/attachment-0001.sig>


More information about the Gnupg-users mailing list