[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: signing a GPG key with multiple uids


Oohara Yuuma wrote:
> When signing a GPG key, is it better to sign all of its uids, or
> just an uid that I see relevant (such as the @debian.org one)?
> I usually meet someone, get a hardcopy of the key fingerprint,
> the e-mail address and so on, then check it later and sign the uid
> which have that address in it.

I sign a uid when these uid's address is not bouncing and the person who
claims to belong to this key answers a message encrypted to him sent
to the specific uid. If the person answers to all the mails sent to
him, I can sign all uid's.

The checking if the email is valid and can be read by the keyowner
does weasel's cabot for me => http://www.palfrader.org/#cabot


 .''`.  Rene Engelhard -- Debian GNU/Linux Developer
 : :' : http://www.debian.org | http://people.debian.org/~rene/
 `. `'  rene@debian.org | GnuPG-Key ID: 248AEB73
   `-   Fingerprint: 41FA F208 28D4 7CA5 19BB  7AD9 F859 90B0 248A EB73

Attachment: pgpsv3UnR_0pQ.pgp
Description: PGP signature

Reply to: