Call me crazy, but ...

Brandon Anderson at
Wed Jul 14 15:41:11 CEST 2021

What exactly stops me, a person wanting to impersonate that user, from 
putting the same QR-Code I got from that public key into my own keypair?

On 7/14/21 5:45 AM, Стефан Васильев via Gnupg-users wrote:
> if a person, within the EU, would put his COVID vaccination 
> certificate QR-Code
> in his pub-key as photo-ID I would say that than another GnuPG user, 
> within
> the EU, or maybe later in the U.S. and elsewhere too, would have the 
> assurance,
> without that the public key is otherwise signed, that this pub key 
> belongs to that
> person.
> On GitHub is a decoder available, which allows users to verify the 
> digital signature
> of such COVID certs, with trustlists from EU member states.
> Regards
> Stefan
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x255837AEF812E87E.asc
Type: application/pgp-keys
Size: 15950 bytes
Desc: OpenPGP public key
URL: <>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 228 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Gnupg-users mailing list