Call me crazy, but ...

Стефан Васильев stefan.vasilev at
Wed Jul 14 20:49:10 CEST 2021

Andrew Gallagher wrote:
>> On 14 Jul 2021, at 18:34, Стефан Васильев via Gnupg-users 
>> <gnupg-users at> wrote:
>> Viktor wrote:
>>> It's the same as putting any other public information in public key
>>> certificate. You can put first and last name, email address and even
>>> photo of another person.
>> But this information can be digitally verified and is issued EU wide 
>> by
>> Governemnt trusted sources in this field.
> But this puts logical causality the wrong way around. Just because the
> thing *being signed* is genuine, does not prove that the thing *doing
> the signing* is genuine.
> IMO this proposal is abuse of the public key infrastructure. If you
> want to sign an ID document, just sign an ID document and distribute
> it through other channels. Attaching it as a signed packet to a key
> adds zero value, at nonzero cost.

What abuse do you see here, if I may ask? I see it as an non-public 
among virtual GnuPG friends to include in a duplicate certified data, 
is not meant to been distributed on keyservers etc. or made public to
the world and acts for two pub keys comparison.


More information about the Gnupg-users mailing list