Mark Brown <broonie@sirena.org.uk> writes: > Signing the key itself rather than an identity on the key wouldn't > really have much point - it is pretty much self evident that a GPG key > is a GPG key and it would be hard to attach much more meaning to a > signature on the key itself than that. I thought perhaps there is a "main" id that is enclosed in the key packet itself, not in a uid sub-packet. Seems not to be the case. > Blindly signing all user IDs without full verification > creates an obvious possibility for impersonation. Sure. > Signing only some user IDs when other IDs have been verified doesn't > cause such active harm, it just means that if somone has an interest > in verifying the unsigned user IDs there's less information out > there to help them. > > The general principle in security related things is that you should be > as untrusting and paranoid as possible. There is a trade-off inherent in crypto: you simply have to trust the other party to not give away the secret key they hold (either deliberately, or by using their birthdate as passphrase, or through a number of other possible blunders). My logic is: I trust the gal to handle her key somewhat competently. It's only a miniscule leap of faith to trust her not to put random e-mail addresses in her key. And even if she did that (or let herself be tricked into doing that), neither she or an additional party would get significant benefits from that. Rehashed out in additional detail in the archives, so I won't bore you any longer ... -- Robbe
Attachment:
signature.ng
Description: PGP signature