Call me crazy, but ...
Viktor
ageyev at gmail.com
Wed Jul 14 16:23:42 CEST 2021
It's the same as putting any other public information in public key
certificate. You can put first and last name, email address and even
photo of another person.
In general: unless we have other trusted person to verify that public
key belongs to certain person, we can not ensure key owner identity
before we have some transactions signed with this key.
And we should not only trust person that has verified public key
certificate, we should also know and trust the procedure this person
used to verify public key certificate. And this is very important if
there is a dispute, say about a signed contract.
This was the flaw in pgp's web of trust: verification procedures were
not known.
Best regards,
Viktor Ageyev
CEO, Cryptonomica.net
On 14/07/2021 15:45, Стефан Васильев via Gnupg-users wrote:
> if a person, within the EU, would put his COVID vaccination certificate
> QR-Code
> in his pub-key as photo-ID I would say that than another GnuPG user, within
> the EU, or maybe later in the U.S. and elsewhere too, would have the
> assurance,
> without that the public key is otherwise signed, that this pub key
> belongs to that
> person.
>
> On GitHub is a decoder available, which allows users to verify the
> digital signature
> of such COVID certs, with trustlists from EU member states.
>
> https://github.com/stapelberg/coronaqr
>
> Regards
> Stefan
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
More information about the Gnupg-users
mailing list