Re: gpg key validity question
On Thu, 25 Apr 2002, christophe barbé wrote:
> But the key makes no references to his name.
> Should I sign his key ?
No. Request that he adds an UID to his key with his name as it appears on
his documents (the name that he would have in a international travel pass,
for example), and sign THAT UID (and any others you have verified to be
The NM process is not a 'internet ressort club' :) That means using an ID
that is made up of a real name, that can be used to track down real people
in real life, and a verified email address to reach that people in internet
Since the gpg signature IS our ID verification, we should be very strict on
that. I sure hope the DAM would reject an applicant that has a nickname for
his Debian signed UID...
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot
To UNSUBSCRIBE, email to firstname.lastname@example.org
with a subject of "unsubscribe". Trouble? Contact email@example.com